ln-914-community-responder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and reads public, user-generated GitHub discussions and issues (see Phase 1: the gh api/graphql and gh issue view calls and Phase 2a: "Read the discussion/issue body — identify the core question or problem" and comments), which the agent interprets and uses to classify, compose, and publish responses—exposing it to untrusted third‑party content that could carry indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly falls back at runtime to fetch mandatory instruction/templates from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}, and those fetched Markdown files (response_styles, humanizer_checklist, community discovery, etc.) directly control how the agent composes prompts and responses, so this is a high-confidence runtime dependency that can alter agent behavior.