add-wasp-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches installation instructions from the public raw.githubusercontent.com URL (https://raw.githubusercontent.com/wasp-lang/wasp-agent-plugins/refs/heads/main/plugins/wasp/README.md) and then instructs the agent to walk the user through those fetched README instructions, meaning untrusted, user-hosted content is read and used to drive agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly fetches runtime instructions from https://raw.githubusercontent.com/wasp-lang/wasp-agent-plugins/refs/heads/main/plugins/wasp/README.md and then uses that fetched README to drive the agent's prompts and installation guidance, so the remote content directly controls agent behavior.