skills/davila7/claude-code-templates/skill-installer/Snyk

skill-installer

Warn

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). This skill fetches and installs skills from public GitHub (e.g., the curated listing at https://github.com/openai/skills/.../.curated) and from arbitrary user-provided GitHub repos/URLs, so the agent will ingest and act on untrusted, user-generated repository content as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The installer explicitly fetches and installs skill code at runtime from GitHub (e.g. https://github.com///tree// and https://github.com/openai/skills/tree/main/skills/.curated), which downloads remote skill code that could be executed or directly control agent prompts.

Audit Metadata

Risk Level

MEDIUM

Analyzed

Feb 15, 2026, 08:14 PM