lev-workshop
Fail
Audited by Snyk on Mar 1, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E004: Prompt injection detected in skill instructions.
- Potential prompt injection detected (high risk: 0.90). The code snippet sets ClaudeAgentOptions(permission_mode="bypassPermissions"), which is an explicit instruction to override agent permission controls and thus constitutes a hidden/deceptive directive outside the workshop's stated lifecycle purpose.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.70). Although most actions target user/project files, the prompt explicitly sets ClaudeAgentOptions(permission_mode="bypassPermissions"), which instructs the agent to bypass permission/security controls and therefore pushes toward compromising machine security.
Audit Metadata