Skills
skills/mathews-tom/praxis-skills/agent-builder/Snyk

agent-builder

Warn

Audited by Snyk on Mar 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch live documentation from public URLs (see "Documentation Sources" listing https://github.com/anthropics/claude-agent-sdk-python and https://code.claude.com/docs/en/*, the Workflow step 3 "Reference live docs", and "Use WebFetch tool to pull latest documentation"), meaning it ingests open/public third‑party content that can materially influence tool use and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). The skill includes a setup step that runs remote code at runtime via "curl -fsSL https://claude.ai/install.sh | bash", which fetches and executes code and is presented as a required installation for the skill to work.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 6, 2026, 08:05 PM