awaken
Warn
Audited by Snyk on Apr 21, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's Full Soul Sync and reawaken workflows explicitly fetch and read public GitHub content (e.g., the
/learn https://github.com/Soul-Brews-Studio/...steps andgh issue view ... --commentscommands in Phase 4) and then use those discoveries to generate the Oracle's philosophy and files, meaning untrusted third-party content is ingested and can materially influence the agent's actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The Full Soul Sync and related flows explicitly run /learn on https://github.com/Soul-Brews-Studio/opensource-nat-brain-oracle and https://github.com/Soul-Brews-Studio/oracle-v2 and use gh to read/post to Soul-Brews-Studio/arra-oracle-v3 at runtime, and the fetched repository content is used to generate the Oracle's philosophy/CLAUDE.md (directly controlling prompts/behavior), so these external GitHub repos are runtime dependencies that control agent instructions.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata