Skills
skills/ajbcoding/claude-skill-eval/moai-security-ssrf/Snyk

moai-security-ssrf

Warn

Audited by Snyk on Mar 1, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's core implementation explicitly ingests external third‑party content — e.g., SKILL.md's Core Implementation calls Context7Client.get_library_docs to pull external docs and the makeSecureRequest / SSRFSafeHttpClient.fetch flows (examples.md and code snippets) fetch and validate arbitrary user-provided URLs — so the agent will read and act on untrusted web content that can materially influence decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill includes runtime calls to the Context7 service (baseUrl: https://api.context7.ai) — e.g., Context7Client.get_library_docs / query — which fetch external threat-intel/docs that are then injected into the agent's decision/optimization flow, meaning remote content can directly influence prompts/behavior.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 1, 2026, 01:08 AM