dbskill-upgrade
Warn
Audited by Snyk on Mar 24, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's upgrade workflow explicitly fetches and clones public GitHub content (curl from https://raw.githubusercontent.com/dontbesilent2025/dbskill/main/VERSION and git clone https://github.com/dontbesilent2025/dbskill.git) and reads the repository README.md to extract update notes, meaning it ingests untrusted, user-hosted third-party content that can change installed code and the agent's behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The upgrade script performs runtime fetches—curl https://raw.githubusercontent.com/dontbesilent2025/dbskill/main/VERSION and git clone https://github.com/dontbesilent2025/dbskill.git—which download and install remote skill code that will be executed/used by the agent and thus can control prompts or execute code.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata