Skills
skills/ruvnet/ruflo/agent-multi-repo-swarm/Snyk

agent-multi-repo-swarm

Warn

Audited by Snyk on Mar 1, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly uses GitHub CLI/API calls (e.g., "gh repo list my-organization ..." and "gh api repos$my-organization/$repo$contents$package.json") to fetch repository contents (user-generated GitHub data) and then reads/acts on that data to decide and execute cross-repo changes and create PRs, so untrusted third‑party content can materially influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill repeatedly invokes "npx ruv-swarm" (which fetches and executes the remote npm package, e.g. https://registry.npmjs.org/ruv-swarm) at runtime and relies on it for core operations, so this is a runtime external dependency that executes remote code.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 1, 2026, 04:33 PM