suggest-awesome-github-copilot-skills
Warn
Audited by Snyk on Feb 25, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and ingests public, user-authored content from the awesome-copilot GitHub repo (e.g., https://github.com/github/awesome-copilot/blob/main/docs/README.skills.md and raw URLs like https://raw.githubusercontent.com/github/awesome-copilot/main/skills//SKILL.md using the required #fetch/#runInTerminal/#githubRepo tools), and the agent is expected to read and act on that content to decide updates and downloads, so untrusted third‑party content can influence agent behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly fetches external skill instruction files at runtime (e.g., https://raw.githubusercontent.com/github/awesome-copilot/main/skills//SKILL.md and https://github.com/github/awesome-copilot/blob/main/docs/README.skills.md) and injects/uses their content as agent instructions, making those URLs required runtime dependencies that directly control prompts.
Audit Metadata