skills/diegosouzapw/awesome-omni-skill/Agent Inbox/Snyk

Agent Inbox

Warn

Audited by Snyk on Mar 30, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). This skill explicitly imports GitHub issues into the agent inbox (see "Importing from GitHub", "Human Instructions via GitHub", and the "auto_import: true" config in SKILL.md), causing agents to read and act on user-generated, public GitHub content — allowing untrusted third‑party instructions to influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.80). This skill can auto-import GitHub issues at runtime (via "ailang messages import-github" / auto_import) from repositories such as https://github.com/sunholo-data/ailang, and those remote issue bodies are ingested as agent messages that directly control agent instructions.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 30, 2026, 02:41 PM

Issues

2