Skills
skills/terrylica/cc-skills/chezmoi-workflows/Snyk

chezmoi-workflows

Warn

Audited by Snyk on Mar 10, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's workflows (e.g., "Sync from Remote" and "Initialize (clone existing)" in SKILL.md) instruct using chezmoi to pull from a GitHub remote (e.g., chezmoi init git@github.com:<user>/dotfiles.git and chezmoi update) and then render/apply those repository templates into the home directory, which clearly ingests untrusted user-provided third-party content from GitHub that can change agent actions and system state.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill includes a setup/install command that fetches and executes remote code via sh -c "$(curl -fsLS get.chezmoi.io)" (https://get.chezmoi.io), which would run remote code during setup.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 10, 2026, 07:14 AM