hyperframes-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Website→Video workflow explicitly captures and ingests arbitrary public URLs and their extracted files (see "npx hyperframes capture " and references/website-to-video/step-1-capture.md and the Minis/browser_use steps that download assets and extract visible-text.txt), then requires the agent to read and summarize those site assets and use them to drive SCRIPT.md / STORYBOARD.md and build compositions — meaning untrusted web content directly influences the agent's actions and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes a runtime installer (scripts/install-skill.py) that calls GitHub API URLs like https://api.github.com/repos/{repo}/contents/... and downloads repository files at runtime to /var/minis/skills, meaning remote code/content is fetched and installed as a required dependency during execution.