ln-781-build-verifier
Warn
Audited by Snyk on Apr 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly says "If
shared/is missing, fetch files via WebFetch from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}", meaning the agent will retrieve and consume public GitHub-hosted content (third‑party/user‑authored) as part of its workflow which can influence build/restoration actions and tool use.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata