Skills
skills/sundial-org/awesome-openclaw-skills/agent-development/Snyk

agent-development

Warn

Audited by Snyk on Mar 4, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's required prompt template and policy files instruct agents to perform external verification ("Verify with [external check
  • npm view, API call, etc.]" and "Check [authoritative source]") and the recommended .claude/settings.json explicitly allow "WebFetch(domain:*)" (SKILL.md and rules/custom-agent-instructions.md), meaning the agent will fetch and act on arbitrary public web/API content that could contain untrusted instructions.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (medium risk: 0.40). The prompt explicitly encourages granting agents Bash/Write/Edit tools, instructs them to "FIX issues found" and to modify user config files (e.g., ~/.bashrc, .claude/settings.json) and run shell commands, so it promotes autonomous modifications of the host environment even though it does not request sudo or system-level changes.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 4, 2026, 02:22 AM