omc-doctor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches public third‑party content — e.g., using npm view oh-my-claudecode version to check latest versions and an explicit WebFetch of https://raw.githubusercontent.com/.../CLAUDE.md in the Auto-Fix — and consumes that content as part of its workflow (including writing/using CLAUDE.md), so untrusted external content could materially influence decisions or actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Auto-Fix step uses WebFetch at runtime to retrieve and write remote config content from https://raw.githubusercontent.com/Yeachan-Heo/oh-my-claudecode/main/docs/CLAUDE.md into the agent's CLAUDE.md, which directly injects external instructions/configuration that can control agent prompts.