javascript-ecosystem

Warn

Audited by Snyk on Jun 17, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs agents to fetch first‑party "llms.txt" agent-context files at runtime (e.g. https://react.dev/llms.txt) and to install/execute remote agent skills via npx/git repos (e.g. https://github.com/angular/skills), which are runtime fetches that can inject external instructions that directly control agent prompts — so this is a high-confidence runtime external dependency risk.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly includes payment gateway integrations in its index: a "Payments" section lists Stripe (mentioning PaymentIntents, Payment Element, Checkout Sessions) and Polar (merchant-of-record; checkout + webhooks). Those are specific payment APIs/providers (tools whose primary purpose is moving money), so the skill surfaces explicit financial-execution tools.

Issues (2)

  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Jun 17, 2026, 12:12 AM
Issues: 2