fetch-issue

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md explicitly instructs fetching a GitHub issue body and its messages (user-generated, public content from a third-party site), which the agent would read and could let injected instructions in those issue comments influence its decisions or tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The command "bunx @willbooster/agent-skills@latest fetch-issue <...>" pulls and executes the external npm package @willbooster/agent-skills@latest at runtime, so required remote code would be fetched and executed by the skill.