Skills
skills/lee-to/ai-factory/aif-skill-generator/Snyk

aif-skill-generator

Warn

Audited by Snyk on Mar 3, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's Learn Mode and related workflow explicitly fetch and study arbitrary URLs from the open web using WebFetch/WebSearch (see SKILL.md "Learn Mode" section and references/LEARN-MODE.md), so the agent will ingest untrusted, user-supplied third‑party content and use it to synthesize skills and instructions that can materially change behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). Learn Mode explicitly fetches user-provided URLs at runtime via WebFetch (e.g., https://github.com/owner/repo) and uses the fetched content to synthesize SKILL.md and guide the agent—meaning remote content is injected into the model context and can directly control prompts/instructions.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 3, 2026, 06:16 PM