se-dev-script

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly reads and indexes Steam Workshop and local PB script files (see actions/search.md, index_scripts.py and Prepare.bat which reference SteamScripts/ and Steam Workshop content read in-place), so it consumes untrusted, user-generated third-party code/comments as part of its search/index workflow which can influence subsequent actions and outputs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's Prepare.bat runs at runtime and downloads+executes remote code (powershell "irm https://astral.sh/uv/install.ps1 | iex") and also fetches a binary from https://frippery.org/files/busybox/busybox64u.exe, so these URLs are runtime external dependencies that execute remote code and are required for preparation.