Skills
skills/strzhao/ai-todo-cli/ai-todo/Snyk

ai-todo

Warn

Audited by Snyk on Mar 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly connects to the external ai-todo service (https://ai-todo.stringzhao.life) via the ai-todo CLI and instructs the agent to list and read tasks and logs (e.g., "ai-todo tasks:list", "ai-todo tasks:logs"), which are user-generated/untrusted third-party content that the agent must interpret to decide and perform actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 11, 2026, 09:58 AM
Issues
1