transform-custom
Warn
Audited by Snyk on Mar 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly accepts HTTPS git URLs and S3 paths in "Step 1: Collect Repositories" and then "Step 3: Inspect Each Repository" runs cat/grep on those repo files to match TDs and drive transformation executions, so untrusted, user-provided repository content can be read and can materially influence which tools/commands are run.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs running remote installers at runtime that execute fetched code—most notably curl -fsSL https://transform-cli.awsstatic.com/install.sh | bash (ATX CLI) and the AWS CLI download (https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip or https://awscli.amazonaws.com/AWSCLIV2.pkg) which are used to install required dependencies and thus execute remote code.
Issues (2)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata