viral

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md Step 2 ("TRACK A — WEB SEARCH" and "TRACK B — APIFY SCRAPING") explicitly instructs the agent to fetch and scrape public, user-generated content (Reddit, Google/YouTube/News, and TikTok/Instagram via Apify) and to use those findings to drive the research summary that directly shapes generated ideas, so untrusted third‑party content can influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The install step instructs users to run git clone https://github.com/tenfoldmarc/viral-skill ~/.claude/skills/viral, which fetches remote code that is then executed as the skill (defining the agent prompts/workflow), so this external URL directly supplies required code that controls agent behavior.