hive-mcp-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's SKILL.md requires network access to the public Hive MCP endpoint (https://hiveintelligence.xyz/mcp) and explicitly instructs using hive-mcp-cli/uxc to fetch endpoint schemas and JSON data and then act on those results, meaning untrusted third-party content is read and can materially influence subsequent tool invocations and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). This skill explicitly links to and invokes the Hive MCP endpoint at https://hiveintelligence.xyz/mcp at runtime (via uxc link / hive-mcp-cli and uxc https://hiveintelligence.xyz/mcp ...), and that remote endpoint provides schemas and operation definitions that directly control what the agent discovers and invokes, making it a required runtime dependency that controls agent instructions.