Skills
skills/sanqiushili/rive_skills/rive-script-builder/Snyk

rive-script-builder

Warn

Audited by Snyk on Feb 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's Phase 0 live-docs workflow (SKILL.md) explicitly instructs the agent to query Context7 (/rive-app/rive-docs) and—if unavailable—run scripts/sync_rive_docs.py which fetches raw files from the public "rive-app/rive-docs" GitHub (online -> cache -> offline), and those external docs are ingested and used to drive protocol selection and code generation, so untrusted third‑party content can materially influence the agent's actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill explicitly runs scripts/sync_rive_docs.py as a runtime fallback which fetches docs.json and raw repository files from the external repo (e.g. https://raw.githubusercontent.com/rive-app/rive-docs/...) and injects that fetched documentation into the agent’s context to drive prompts, so this is a runtime remote fetch that directly controls agent input.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 20, 2026, 03:57 PM