bevy
Warn
Audited by Snyk on Feb 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). Flagged because the SKILL.md usage flow explicitly instructs the agent to fetch and read open/public GitHub sources (e.g., "In https://github.com/bevyengine/bevy/tree/v0.18.0/examples ... In https://github.com/bevyengine/bevy/tree/v0.18.0/crates ...") and to treat those third-party files as authoritative inputs that directly determine code and actions, exposing the agent to untrusted, user-generated web content that can influence subsequent tool use.
Audit Metadata