skills/gmh5225/awesome-llvm-security/llvm-obfuscation/Snyk

llvm-obfuscation

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

Malicious code pattern detected (high risk: 1.00). The content details advanced LLVM-based obfuscation and anti-analysis techniques (control-flow flattening, string encryption, virtualization, anti-debugging, etc.) that are dual-use but strongly enable stealthy/malicious behavior and evasion of analysis, so it poses a high risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs fetching live content from a public GitHub raw URL (https://raw.githubusercontent.com/gmh5225/awesome-llvm-security/refs/heads/main/README.md), which is user-maintained third-party content the agent would read and could contain untrusted or user-generated input.

Audit Metadata

Risk Level

CRITICAL

Analyzed

Feb 16, 2026, 12:38 AM