update

Fail

Audited by Snyk on Apr 5, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 1.00). This is a direct raw GitHub link to an install shell script from an individual/unknown account — running a remote .sh executes arbitrary code and is high-risk unless you’ve verified the repository, the account, and the script contents in a secure environment.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The skill explicitly instructs executing a remote install script via curl | bash to overwrite/install skills globally, which enables remote code execution and supply-chain/backdoor installation across agents and is therefore a high-risk pattern even if the repo itself appears benign.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs executing a remote installer via bash <(curl -fsSL https://raw.githubusercontent.com/boshu2/agentops/main/scripts/install.sh), which fetches and runs public GitHub-hosted content (an untrusted third‑party source) that can contain arbitrary instructions and materially change agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).


MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs executing a remote install script that reinstalls/overwrites skills globally (potentially modifying system files or requiring elevated privileges), forcing the agent to perform system-changing actions that could compromise the machine.

Issues (5)

  • E005 (CRITICAL): Suspicious download URL detected in skill instructions.
  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
  • W013 (MEDIUM): Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level: CRITICAL
Analyzed: Apr 5, 2026, 11:07 PM
Issues: 5