Why Ethereum

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The required workflow uses curl -s https://ethskills.com/why/SKILL.md to fetch a remote web page at runtime, and that fetched free-text content is then ingested into the agent’s LLM context (public web content from an outsider source).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The catalog's install.command and setup explicitly fetch and instruct the agent to read https://ethskills.com/why/SKILL.md at runtime, so external content from that URL is loaded and directly supplies instructions to the agent.