cluster-agent-swarm

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). These are third‑party GitHub URLs from an individual account that host executable scripts and recommend npx/git commands that download and run code—representing a supply‑chain risk and potential for destructive or malicious scripts unless the repo and commit are thoroughly audited.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and executes third-party GitHub code (SKILL.md / INSTALL instructions: npx skills add and pinned git clone) and the agents are documented to ingest and act on untrusted, user-generated data such as pod logs and alerts (SECURITY.md and OPERATIONAL_RISKS.md reference skills/observability/scripts/log-search.sh and alert-triage.sh), which can influence agent decisions and tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). This skill explicitly uses runtime install commands (e.g., "npx skills add https://github.com/kcns008/cluster-agent-swarm-skills" and pinned variants) which fetch and execute code from the GitHub URL https://github.com/kcns008/cluster-agent-swarm-skills, meeting the criteria for a runtime external dependency that executes remote code and is required for the skill.