skills/arcniko/sky-kb/sky/Snyk

sky

Warn

Audited by Snyk on Mar 9, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). This skill explicitly clones and syncs external GitHub repositories (e.g., "git clone https://github.com/arcniko/sky-kb.git" and the "add repo " flow), then reads files under /content and DIRECTORY.md to answer questions, so untrusted third‑party repo content can be ingested and influence the agent's decisions and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill's Setup flow performs "git clone https://github.com/arcniko/sky-kb.git" and then runs "python3 /scripts/sync.py", meaning remote repository code is fetched at runtime and executed (https://github.com/arcniko/sky-kb.git).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 9, 2026, 11:15 PM