Skills
skills/agentspace-so/skills/find-skills/Snyk

find-skills

Warn

Audited by Snyk on Jun 12, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). Outsider free text is fetched at runtime from public registries (e.g., curl to https://skills.sh/api/search, https://clawhub.ai/api/search//api/skill, and GitHub raw.githubusercontent.com/gh api for SKILL.md), then parsed as JSON and later embedded into the report/JSON output (and thus into the agent’s LLM context if the report is passed along).

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 12, 2026, 07:46 PM
Issues
1
Security Audit — snyk — find-skills