autocli
Fail
Audited by Snyk on Apr 21, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). The prompt instructs executing a remote shell script via curl from an unvetted GitHub user (raw.githubusercontent.com/nashsu/AutoCLI/main/scripts/install.sh), which is a high‑risk pattern for malware distribution (the GitHub repo owner appears unverified and distributing binaries/scripts directly is unsafe); the GitHub repo link likewise could host malicious installers while the X status URL is benign but irrelevant.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and scrape live, user-generated content from many public third-party sites (e.g., SKILL.md and README.md show commands like "autocli reddit read --url <post_url>", "autocli twitter timeline", "autocli youtube search", and the YAML/browser_evaluate adapter workflow for arbitrary URLs), so untrusted web content will be read and can influence the agent's actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill instructs at runtime to install a required dependency by running remote shell code via curl -fsSL https://raw.githubusercontent.com/nashsu/AutoCLI/main/scripts/install.sh | sh, which fetches and executes remote code that the skill depends on.
Issues (3)
E005
CRITICALSuspicious download URL detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata