quip-to-gitlab-wiki

Audited by Snyk on Apr 28, 2026

Risk Level: MEDIUM

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill's scripts (scripts/quip-to-markdown.py, whose fetch_thread() calls platform.quip-amazon.com) explicitly fetch user-generated Quip HTML, convert it into Markdown and assets, and then push the result into a GitLab wiki via scripts/push-to-wiki.sh. Untrusted third-party content is therefore read and used as part of the workflow and can materially affect the created pages and subsequent agent interactions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The .mcp.json config instructs runtime execution of an external npm package via "npx -y @zereight/mcp-gitlab", which fetches and runs remote code that implements the GitLab MCP server and can therefore control assistant interactions; see the referenced project https://github.com/zereight/gitlab-mcp.

Issues (2)

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 28, 2026, 09:26 AM
Issues: 2