ln-820-dependency-optimization-coordinator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs fetching reference files via WebFetch from https://raw.githubusercontent.com/... if local shared/ is missing and also consumes audit/registry outputs (npm audit, pip-audit, PyPI/NuGet API checks) as mandatory checkpoint payloads that drive delegation/blocking decisions, so untrusted public content is read and can materially influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly states that if the local shared/ directory is missing it will "fetch files via WebFetch from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}", and those fetched "MANDATORY READ" reference files drive runtime contracts/instructions the coordinator must load, so this external raw GitHub URL is a runtime dependency that can directly control agent behavior.