Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/anima-core-workflow-b/Snyk

anima-core-workflow-b

Warn

Audited by Snyk on Apr 13, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md Step 1 "Website-to-Code Conversion" (cloneWebsiteToReact) explicitly ingests arbitrary public website URLs and captures page content to generate code, meaning untrusted third‑party webpages are read and used to drive code-generation and post-processing.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 13, 2026, 09:30 PM
Issues
1