land-and-deploy
Warn
Audited by Snyk on May 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and inspects live public URLs (curl and $B goto / $B console / $B perf in Step 1.5b and Step 7 Canary verification) and reads PR bodies and check outputs, then treats that untrusted, user-generated content as evidence that directly drives merge, deploy, and revert decisions. Anyone who can edit those pages or PR bodies can therefore plant text that steers the agent's actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's SETUP step curls the Bun install script from https://bun.sh/install to a temp file and then executes it with bash, i.e. it fetches and runs remote code at runtime with no version pin and no integrity check, so whatever that endpoint serves (or whatever is substituted for it) is executed.
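The download-then-verify pattern a reviewer would ask for in place of the W012 curl-then-bash step, as an added example that is not part of the skill or of the Snyk audit. It assumes the installer is fetched to a temp file, a SHA-256 digest pinned in the script is compared against the file before anything is executed, and the file is deleted on mismatch; the pinned digest must be obtained out of band and re-pinned whenever the installer changes, and the `install_bun_pinned` entry point and the `--install` flag are this example's own names.

```shell
#!/bin/sh
# Added example, not the land-and-deploy skill's own code.
# Hardened replacement for:  curl -fsSL https://bun.sh/install | bash
set -eu

# SHA-256 of a file; uses sha256sum (coreutils) or shasum (macOS/BSD).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_then_run FILE EXPECTED_SHA256 [INTERPRETER]
# Executes FILE only if its digest equals EXPECTED_SHA256.
# On mismatch: prints both digests, deletes FILE, returns 1 (nothing runs).
verify_then_run() {
  file="$1"
  expected="$2"
  interp="${3:-bash}"          # the bun installer is a bash script
  actual="$(sha256_of "$file")"
  if [ "$actual" != "$expected" ]; then
    echo "checksum mismatch for $file: got $actual, want $expected" >&2
    rm -f "$file"
    return 1
  fi
  "$interp" "$file"
}

# install_bun_pinned EXPECTED_SHA256 [URL]
# Downloads to a temp file over TLS only, verifies, then runs.
# EXPECTED_SHA256 is a pinned value you obtained out of band (assumption:
# the caller maintains it alongside the skill and re-pins on updates).
install_bun_pinned() {
  expected="$1"
  url="${2:-https://bun.sh/install}"
  tmp="$(mktemp)"
  curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$url"
  verify_then_run "$tmp" "$expected" bash
  rm -f "$tmp"
}

# Stand-alone use:  ./install.sh --install <pinned-sha256>
if [ "${1:-}" = "--install" ]; then
  install_bun_pinned "${2:?pinned sha256 digest required}"
fi
```

Pinning a digest of a script served from an unversioned URL means the install breaks as soon as upstream changes the script; that is the intended behaviour (the change is reviewed and re-pinned), and it is the property the audit's "unverifiable" finding says the current SETUP step lacks.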