find-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The required workflow uses the Skills CLI (npx skills find [query]) to search the open skills ecosystem and then presents/installs discovered skills, which can involve fetching and ingesting outsider-authored free text from public/community skill sources at runtime (e.g., skill metadata/descriptions from skills.sh/GitHub registries).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). This skill explicitly instructs running the Skills CLI to fetch and install remote skill packages at runtime (e.g., "npx skills add vercel-labs/agent-skills@react-best-practices" and references https://skills.sh/), which will download and execute external code and can directly supply prompts/instructions to the agent.