skills/alirezarezvani/claude-skills/karpathy-coder/Snyk

karpathy-coder

Fail

Audited by Snyk on May 2, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

Potential prompt injection detected (high risk: 0.80). The prompt contains a relative path (../../../engineering/karpathy-coder/SKILL.md) that attempts to pull in external instructions from outside the skill manifest, which is a hidden inclusion and thus a potential prompt injection outside the skill's stated (empty) purpose.

Issues (1)

E004

CRITICAL

Prompt injection detected in skill instructions.

Audit Metadata

Risk Level

CRITICAL

Analyzed

May 2, 2026, 10:16 PM

Issues

1