iblai-init

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.80). Yes — Step 3 instructs the agent to silently run a third-party installer (npx skills add https://github.com/anthropics/skills) via an AskUserQuestion flow, which is an action outside the stated purpose of only updating/merging CLAUDE.md and includes a "do not print it" hidden execution instruction.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's Step 3 instructs the agent to run "npx skills add https://github.com/anthropics/skills --skill frontend-design", which fetches and installs code from a public GitHub repo (untrusted third-party content) that could alter the agent's tools or behavior.