ESPHome

Fail

Audited by Snyk on May 31, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). Most links are to legitimate docs and known projects (esphome.io, home-assistant, reputable GitHub repos and CDNs), but there are some higher‑risk entries — direct firmware binaries (.bin), placeholder/unknown GitHub user paths, raw file URLs and local/embedded device IPs — that could be used to deliver malware if not verified, so verify signatures, checksums, and provenance before downloading or flashing.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (medium risk: 0.65). The skill’s runtime workflow can ingest outsider-authored free text via user-provided natural-language requests (e.g., “User request” → LLM context), which is not authored by the operating user’s organization and can contain indirect prompt-injection payloads.

Issues (2)

  • E005 (CRITICAL): Suspicious download URL detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

  • Risk Level: CRITICAL
  • Analyzed: May 31, 2026, 10:13 PM
  • Issues: 2