skills/40rty-ai/shopify-admin-skills/repeat-purchase-rate/Snyk

repeat-purchase-rate

Fail

Audited by Snyk on Apr 12, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

Potential prompt injection detected (medium risk: 0.60). The skill is mostly transparent and read-only, but it explicitly requests customer email (defaultEmailAddress.emailAddress) — unnecessary for the stated repeat-rate calculation and thus a hidden/exfiltration risk outside the skill's purpose (plus a model-targeted "Claude MUST emit" mandate), so this is a moderate prompt-injection concern.

Issues (1)

E004

CRITICAL

Prompt injection detected in skill instructions.

Audit Metadata

Risk Level

CRITICAL

Analyzed

Apr 12, 2026, 04:14 AM

Issues

1