skills-batch-ops

Warn

Audited by Snyk on Feb 19, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The pipeline's collect_sources_live / collect_web_candidates_from_github and validate_content steps explicitly fetch and parse untrusted public content (e.g., the popular feed from https://skills.sh/, GitHub search via the GitHub API, and SKILL.md files pulled from https://raw.githubusercontent.com/ in validate_content/fetch_text). The parsed SKILL.md contents and web evidence are then used to decide manifest_status and drive installs (npx skills add), so third-party content can materially influence agent decisions and tool use.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 19, 2026, 11:26 AM