security-scan
Warn
Audited by Snyk on Apr 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's required workflow installs and runs third-party tooling fetched from public GitHub (e.g., the mandatory ASH install via uvx from https://github.com/awslabs/automated-security-helper in references/ash-scan.md and SKILL.md) and then ingests/reads the ASH output (result/ash/ash.html) and other scanner outputs which directly drive fix/scan/redeploy decisions, exposing the agent to untrusted public content that can materially influence actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). This skill instructs runtime execution of a remote install script via "curl -sSf https://astral.sh/uv/install.sh | sh" and relies on fetching/executing the ASH package via uvx from "git+https://github.com/awslabs/automated-security-helper.git@v3.1.5", which downloads and runs remote code as a required dependency for the ASH scan.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata