tauri-svelte-ui-components

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 1.00). The mandatory "Memory Protocol" instructs the agent to read and write a local memory file and to change how it treats context/interruptions—actions unrelated to Svelte UI code review and that can enable data access or persistence, so they are deceptive/out-of-scope instructions.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The package includes a mandatory "Memory Protocol" that explicitly instructs reading an internal agent memory file (.claude/context/memory/learnings.md) before execution and to record new patterns afterward — a deliberate attempt to access and persist internal context that could be used for data exfiltration or establishing a backdoor-like persistence; no direct network exfiltration, remote code execution, or obfuscated payloads were found in the provided files.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's references/research-requirements.md explicitly instructs the agent to "Use Exa first" and to "Use WebFetch/arXiv fallback" to obtain current best practices, meaning the agent is expected to fetch and interpret content from public third-party sites (e.g., arXiv/web pages) that could contain untrusted, user-published instructions influencing its actions.