skills/gmh5225/awesome-skills/claude-code-skills/Snyk

claude-code-skills

Warn

Audited by Snyk on Feb 21, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs fetching public GitHub content (e.g., git clone examples and a WebFetch call to https://raw.githubusercontent.com/gmh5225/awesome-skills/refs/heads/main/README.md) so the agent would read untrusted, user-generated third-party content that could influence its subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The README shows runtime git clone commands that fetch and install external skill repositories (e.g., https://github.com/user/skill-repo and the official https://github.com/anthropics/skills) into .claude/skills, which are then auto-loaded and can directly control agent prompts/behavior by providing skill instructions/code.

Audit Metadata

Risk Level

MEDIUM

Analyzed

Feb 21, 2026, 10:10 AM