Emacs Ecosystem
Warn
Audited by Snyk on Apr 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The SKILL.md contains explicit runtime fetches of public, untrusted content (e.g., the straight.el bootstrap uses url-retrieve-synchronously to fetch and eval "https://raw.githubusercontent.com/.../install.el", treesit-language-source-alist lists GitHub grammar URLs to download, and package-archives point to MELPA/ELPA), so the agent is expected to ingest and act on third-party web content that could influence behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The straight.el bootstrap example fetches and directly evaluates remote code at runtime from https://raw.githubusercontent.com/radian-software/straight.el/develop/install.el (via url-retrieve-synchronously and eval-print-last-sexp), so this URL is a runtime external dependency that executes remote code.
Issues (2)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
W012
MEDIUM Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata