pp-wanderlust-goat

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). The CLI clearly ingests and fuses live public, user-generated sources (e.g., Reddit via the reddit-quotes command, Wikipedia/Wikivoyage, Atlas Obscura, and editorial scrapes) as described in the SKILL.md (e.g., near, sync-city, research-plan, and reddit-quotes), and agents are expected to read and act on that content as part of their workflow—so untrusted third-party content can materially influence agent decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires installing and running an external CLI fetched from remote packages that execute code at setup (e.g., go install github.com/mvanhorn/printing-press-library/library/travel/wanderlust-goat/cmd/wanderlust-goat-pp-cli@latest and npx -y @mvanhorn/printing-press install wanderlust-goat --cli-only), so the fetched content is a required dependency and will execute remote code.