need-skills/up-to-date
MANDATORY when ANY of these appear: (1) writing/editing/refactoring code that calls any third-party SDK, API, or library method, (2) debugging ANY issue where an API call succeeds but the expected side-effect doesn't happen, (3) installing or importing external packages, (4) user reports something 'doesn't work' and the code involves an external service. This skill MUST be loaded BEFORE proposing any fix — never diagnose from memory.
92
92%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Advisory
Suggest reviewing before use
Security
1 medium severity finding. This skill can be installed but you should review these findings before use.
W011: Third-party content exposure detected (indirect prompt injection risk)
What this means
The skill exposes the agent to untrusted, user-generated content from public third-party sources, creating a risk of indirect prompt injection. This includes browsing arbitrary URLs, reading social media posts or forum comments, and analyzing content from unknown websites.
Why it was flagged
Third-party content exposure detected (high risk: 0.90). The SKILL.md "Mandatory Steps" requires the agent to "Fetch Real Docs" (e.g., via Browser/fetch_webpage or Context7) and references/public doc URLs in references/doc-urls.md (public sites like docs.stripe.com, platform.openai.com, etc.), so the agent will read and act on arbitrary public web documentation that can influence code and tool use.
- Audited
- Security analysis