Skills
skills/sickn33/antigravity-awesome-skills/claude-code-expert/Snyk

claude-code-expert

Warn

Audited by Snyk on Mar 7, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs adding MCP servers that perform web scraping and HTTP requests and to integrate with GitHub (see "5. Mcp Servers" and "Mcps Mais Uteis" which list puppeteer/playwright, fetch, and github MCPs), and the workflow examples and commands (e.g., reading PRs/issues and using scraped webpages) indicate the agent will read and act on untrusted, user-generated third‑party content as part of its operation.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill includes examples that enable arbitrary command execution (hooks that run shell/PowerShell), adding MCPs like filesystem, permissive "Write(*)" settings, and the --dangerously-skip-permissions flag — all of which encourage making persistent, potentially privileged changes to the host filesystem and state.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 7, 2026, 05:35 PM