amass
Warn
Audited by Snyk on Apr 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's instructions run Amass against public internet data sources (Step 2, passive enumeration using certificate transparency logs, DNS datasets and public APIs), configure third-party API keys (Step 5: Shodan, VirusTotal, URLScan, GitHub, etc.), and then parse the Amass JSON output in Step 6. The agent therefore ingests untrusted, user-generated public data and uses it to drive further actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). The skill instructs fetching and installing a remote executable, used at runtime, from https://github.com/owasp-amass/amass/releases/latest/download/amass_Linux_amd64.zip; the downloaded archive is executed as a required dependency, so external code runs as part of the skill.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs running sudo to move the Amass binary into /usr/local/bin, which modifies system files and requires elevated privileges, so the skill encourages changing machine state as root.
Issues (3)
W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
W013 (MEDIUM): Attempt to modify system services in skill instructions.
Audit Metadata