pp-opensnow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly pulls live OpenSnow content (e.g., "opensnow-pp-cli digest — Pull all Daily Snow posts" and opensnow-pp-cli snow-report <id_or_slug> plus forecast endpoints) from the public OpenSnow API/site (live results indicated by .meta.source == "live") and exposes that third-party content for agent consumption via the --agent JSON mode, which agents use to make ranking/recommendation decisions (powder-score, powder-rank, storm-track), so untrusted external content can directly influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill requires installing and running remote-packaged CLIs—e.g., via "npx -y @mvanhorn/printing-press install opensnow --cli-only" and "go install github.com/mvanhorn/printing-press-library/library/productivity/opensnow/cmd/opensnow-pp-cli@latest" (and the related "opensnow-pp-mcp" go module)—which fetch and execute remote code during setup and are required for the skill to function, presenting a remote-code-execution risk.