hyperfleet-e2e-test-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs the agent to fetch and read full content from public third-party sources—e.g., running gh api against repos/openshift-hyperfleet/hyperfleet-e2e/contents/test-design/testcases and fetching the architecture summary from https://raw.githubusercontent.com/...—and to interpret that content before designing tests, so untrusted repository/webpage content can directly influence decisions and next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly requires fetching repository test cases at runtime via GitHub API (e.g., gh api repos/openshift-hyperfleet/hyperfleet-e2e/contents/test-design/testcases and related contents endpoints) and the architecture summary from https://raw.githubusercontent.com/openshift-hyperfleet/architecture/refs/heads/main/hyperfleet/architecture/architecture-summary.md, and those fetched files are mandatory inputs that directly steer the agent's test-design prompts and outputs.