skills/terminalskills/skills/twenty-crm/Snyk

twenty-crm

Warn

Audited by Snyk on Mar 13, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The SKILL.md Setup explicitly instructs fetching and using a public GitHub raw URL (https://raw.githubusercontent.com/twentyhq/twenty/main/packages/twenty-docker/docker-compose.yml), meaning the agent is expected to ingest and act on untrusted, user-hosted third-party content that can materially change runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.80). The setup step uses curl to fetch and run https://raw.githubusercontent.com/twentyhq/twenty/main/packages/twenty-docker/docker-compose.yml and then runs docker compose up, which causes remote container images/configuration to be executed at runtime, so this URL directly controls execution.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 13, 2026, 09:18 PM

Issues

2