audit
Warn
Audited by Snyk on Mar 3, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and read public raw GitHub content (e.g., https://raw.githubusercontent.com/austintgriffith/evm-audit-skills/main/evm-audit-master/SKILL.md) and to read arbitrary public GitHub contract URLs (e.g., https://github.com/owner/repo/blob/main/contracts/Foo.sol), which are untrusted user-controlled third‑party sources whose contents drive routing, checklist selection, and next actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs fetching the master skill at https://raw.githubusercontent.com/austintgriffith/evm-audit-skills/main/evm-audit-master/SKILL.md (and per-skill checklists at https://raw.githubusercontent.com/austintgriffith/evm-audit-skills/main//references/checklist.md) at runtime, and those documents contain the routing table and checklists that directly control which sub-agents/tasks and prompts are executed, so this is a remote content dependency that controls agent behavior.
Audit Metadata