liepin-jobs
Warn
Audited by Snyk on Mar 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill connects to Liepin's public MCP server (DEFAULT_MCP_URL "https://open-mcp.liepin.com/..." in liepin_mcp.py and SKILL.md's instructions to use https://www.liepin.com/mcp/server), and the CLI explicitly fetches, parses, and acts on returned tool content (search-job, my-resume, call_tool outputs), which are public/user-generated job postings and responses that the agent reads and can drive actions (e.g., applying), allowing untrusted third-party content to influence behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs fetching and then running remote Python code at runtime from https://raw.githubusercontent.com/TerminalSkills/skills/main/skills/liepin-jobs/liepin_mcp.py (curl ... then python ...), so the fetched content would be executed as code and is a required dependency.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata