building-inferencesh-apps
Warn
Audited by Snyk on Mar 24, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's references (e.g., references/node-app-logic.md and references/python-app-logic.md) explicitly show runtime downloads via File.from(inputUrl), use of snapshot_download (HuggingFace), and OAuth integrations (google.sheets / google.drive). The skill therefore fetches and ingests untrusted public URLs and user-generated content, which can directly influence app behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The docs instruct running remote install scripts that are fetched and executed (e.g., curl -fsSL https://cli.inference.sh | sh, curl -LsSf https://astral.sh/uv/install.sh | sh, curl -fsSL https://fnm.vercel.app/install | bash, and curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.0/install.sh | bash), which execute remote code during setup and are presented as required dependencies for using the CLI—constituting a high-confidence runtime execution risk.
Issues (2)
- MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).