voice-builder

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.80). The prompt contains a deceptive, contradictory instruction: it repeatedly states the skill must produce voice.md but then later instructs "Do not produce an voice.md file," which is a hidden directive that conflicts with the skill's stated purpose and would change agent behavior.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's required workflow (Step 3 "Now paste 3 to 5 pieces of writing... LinkedIn posts, newsletter issues, essays, blog posts, emails, tweets") and Step 4 ("Read every sample...") explicitly ingests and analyzes user-provided or public third-party writing (untrusted/user-generated) which the agent then uses to determine behavior and generate outputs, creating a clear avenue for indirect prompt injection.