agent-collaboration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly instructs the agent to run "tmux-bridge read " and to consume replies from other panes/agent instances (see SKILL.md step 6 and the example read-act-read patterns), so untrusted peer-pane output is ingested and used to drive subsequent messaging/keys actions and could therefore carry indirect prompt-injection instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's setup instructions include a direct runtime command "curl -fsSL shawnpana.com/smux/install.sh | bash" which fetches and executes remote code from https://shawnpana.com/smux/install.sh to install the required smux/tmux-bridge dependency.