last30days

Fail

Audited by Snyk on May 9, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (medium risk: 0.65). This is a GitHub repository that supplies Python scripts to be downloaded and executed. GitHub is common and often legitimate, but running unreviewed code from an individual or low-visibility repository (or one you haven't verified) is potentially dangerous because it can contain malicious or harmful actions. There are no direct binary downloads, but the explicit instruction to run a local script raises risk unless you audit or sandbox it.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public, user-generated content (see SKILL.md "Use available OD research/search capability, public web pages" and modules like scripts/lib/bird_x.py for X/Twitter, scripts/lib/bluesky.py for Bluesky, and scripts/lib/competitors.py, which calls grounding.web_search). That external content is read and synthesized as part of the required workflow and used to drive findings and follow-up actions, so untrusted third-party content could inject instructions indirectly.

Issues (2)

  • E005 (CRITICAL): Suspicious download URL detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

  • Risk Level: CRITICAL
  • Analyzed: May 9, 2026, 03:45 AM
  • Issues: 2