misteye-security-check

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and acts on external, untrusted content: it requires running MistEye detections on user-supplied URLs/domains (trigger rule in SKILL.md) and parses remote SKILL.md from raw.githubusercontent.com (GitHub) plus installed Skill/MCP dependency files (e.g., under ~/.agents/skills) as part of its mandatory workflow, and those external inputs directly determine blocking or continuation decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill mandatorily calls the external detection API at https://app-api.misteye.io/functions/v1/detect during runtime and uses the returned JSON (safe/matches) to decide to block or allow actions, so this runtime-fetched content directly controls the agent's behavior.