sparc-methodology

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly describes the "researcher" mode that performs "parallel WebSearch/WebFetch" and accepts sources like "news" and "academic" (e.g., "Deep research with parallel WebSearch/WebFetch and Memory coordination" and the researcher usage/options), which means the agent will fetch and interpret open/public third-party content that can influence its orchestration and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's NPX activation examples (e.g., "npx claude-flow sparc run ...") will fetch and execute the claude-flow package from the npm registry (https://www.npmjs.com/package/claude-flow), which means remote code is retrieved and run at runtime.