gh-oss-go-bump

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill clearly fetches and inspects untrusted third-party OSS content (e.g., via "gh api repos///contents/go.mod", cloning repos to /tmp/go-bump/, and web-searching for the latest Go release) and uses those artifacts to decide "safe-to-bump", test, create PRs, and merge actions, so external repository or web content could indirectly inject instructions that influence tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill clones and executes code from external GitHub repositories at runtime (e.g., via git clone https://github.com//.git and gh api repos///contents/go.mod) and runs that code with commands like go test, so remote content can directly execute during the skill.