Skills
skills/johnnyhua/pcp-skills/pcp-setup/Snyk

pcp-setup

Warn

Audited by Snyk on Feb 27, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs downloading and installing code from a public GitHub raw URL (https://raw.githubusercontent.com/JohnnyHua/pcp-skills/main, e.g., plugin/pcp.ts and skill SKILL.md files), which are untrusted third‑party files that the plugin injects into agents via the system.transform hook and therefore can materially change agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). This skill's install script fetches and installs code at runtime from https://raw.githubusercontent.com/JohnnyHua/pcp-skills/main (notably plugin pcp.ts and skill SKILL.md files); pcp.ts is a plugin executed by OpenCode that injects a system.transform hook to modify agent prompts/behavior, so the remote URL is a required runtime dependency that directly executes code and controls agent instructions.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 27, 2026, 07:25 PM