typeui-cli
Warn
Audited by Snyk on Apr 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's registry/pull flows explicitly read an open GitHub registry and raw markdown (e.g., the index at https://raw.githubusercontent.com/bergside/awesome-design-skills/main/skills/index.json and fetched raw GitHub markdown) and then pulls/writes those skill files, so public, user-authored content could directly influence agent behavior and tooling decisions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The CLI explicitly fetches the registry index and skill markdown at runtime from https://raw.githubusercontent.com/bergside/awesome-design-skills/main/skills/index.json (and raw GitHub paths under https://github.com/bergside/awesome-design-skills), and those fetched markdown files are written into agent design-system skill files that directly control agent prompts/instructions, making this a required runtime dependency.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata