ditto-product-research
Fail
Audited by Snyk on Mar 5, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). Most links are API/docs endpoints on askditto.io (low risk), but the presence of a direct .sh script (https://app.askditto.io/scripts/free-tier-auth.sh) together with an explicit curl | bash instruction is a high-risk pattern: fetching and executing a remote shell script can deliver malware unless both the domain and the script's contents are fully verified.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill fetches and consumes persona responses and public study pages from the third-party Ditto API at https://app.askditto.io (e.g. /v1/research-studies/.../questions, /v1/jobs/{job_id}, and public share URLs). The SKILL.md workflow explicitly requires the agent to read and interpret those untrusted, user-generated response_text values, and to use them to design follow-up questions and generate decisions, so third-party content can materially influence tool behavior.