loom-fluxcd

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill declares Flux controllers that fetch and reconcile content from external, potentially untrusted sources (e.g., GitRepository spec.url like https://github.com/org/repo, HelmRepository entries such as https://charts.bitnami.com, and ImageRepository/container registries), so third-party repository/chart/registry content is read and can directly influence deployments and automation actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The SKILL includes a runtime installation command that fetches and executes a remote shell script via "curl -s https://fluxcd.io/install.sh | sudo bash", which downloads and runs remote code (https://fluxcd.io/install.sh).