gocd

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.85). The presence of a raw GitHub install.sh (curl | sh) and a user-owned Scoop bucket/repo (jorgemuza) means these are untrusted, user-distributed installers that can pull and execute binaries—making them suspicious until you verify the repository, inspect the install script, and confirm release sources; gocd.example.com is just a placeholder.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflows explicitly fetch and inspect config-repo and material content from VCS via commands like "orbit -p myprofile cd cr definitions my-repo", "cd cr status/trigger", and "cd pipeline config" (see SKILL.md and references/commands.md), which are untrusted user-generated repo/web sources that the agent is expected to read and that can materially influence subsequent actions (preflight/apply/update pipelines).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's prerequisites instruct installing the required orbit CLI by running curl -sSfL https://raw.githubusercontent.com/jorgemuza/orbit/main/install.sh | sh, which fetches and executes remote code as part of setup for a required dependency.