intel
Warn
Audited by Snyk on Mar 31, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's Platform Support (§10) explicitly instructs agents to "Read [URL] and install" from a public raw.githubusercontent.com URL (https://raw.githubusercontent.com/theneoai/awesome-skills/main/skills/enterprise/intel/SKILL.md), which requires fetching and ingesting untrusted third‑party content that would be interpreted as part of the agent's runtime/system prompt and could therefore enable indirect prompt injection.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The Platform Support section explicitly instructs runtime installs like "Read [URL] and install" that fetch SKILL.md from raw.githubusercontent.com (e.g., https://raw.githubusercontent.com/theneoai/awesome-skills/main/skills/enterprise/intel/intel-engineer/SKILL.md), which at runtime would load remote content that directly defines the agent's system prompt/instructions and is treated as a required dependency.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata