ln-823-pip-upgrader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs fetching missing files via WebFetch from the public raw GitHub URL (https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}) and mandates using MCP/WebSearch documentation tools to load external migration/docs that the agent must read and act on during upgrade decisions, exposing it to untrusted third‑party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs that if shared/ is missing it must be fetched at runtime via WebFetch from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}, meaning external content would be fetched during execution and can directly control agent behavior/instructions (e.g., coordinator contracts and breaking-change patterns) and is relied on as a required dependency.