hyperframes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to fetch and read a public registry via "curl -s https://raw.githubusercontent.com/heygen-com/hyperframes/main/registry/registry.json" (Registry Blocks & Components), which is open/public third-party content that the agent is expected to ingest and act on when adding blocks/components, so untrusted content could influence tool use or next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's runtime composition template loads and executes remote JavaScript from the CDN (https://cdn.jsdelivr.net/npm/gsap@3.14.2/dist/gsap.min.js), which is fetched at page load, runs code in the runtime, and is a required dependency for the GSAP-based timelines/animations.