boxlang-runtime-chromebook
Warn
Audited by Snyk on Apr 21, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's required setup steps explicitly fetch and execute public third‑party resources (e.g., Step 5: "curl -fsSL https://downloads.ortussolutions.com/boxlang/install-boxlang.sh | bash" and Step 4 Option B: wget of Temurin JDK from GitHub releases), so it ingests and acts on untrusted external content that could materially alter behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs executing remote installer scripts at runtime via "curl -fsSL https://downloads.ortussolutions.com/boxlang/install-boxlang.sh | bash" and "https://downloads.ortussolutions.com/bvm/install.sh | bash", which fetch and immediately execute external code and are presented as required installation steps.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs running multiple sudo commands that modify system files and directories (apt installs, adding apt repositories/keys, writing to /opt and /etc) and even executes remote install scripts (curl | bash), which pushes the agent to perform privileged, state-changing operations on the machine.
Issues (3)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
- W013 (MEDIUM): Attempt to modify system services in skill instructions.