libafl
Warn
Audited by Snyk on Feb 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill includes explicit commands to fetch and use public web content (e.g., git clone https://github.com/AFLplusplus/LibAFL, wget/curl examples like curl -L -O https://downloads.sourceforge.net/... and curl -o seeds/input.png) and shows loading of seed inputs and dictionaries (state.load_initial_inputs, tokens.add_from_file), which causes the fuzzer/agent to ingest untrusted, user-provided third-party content as part of its workflow.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill includes explicit privileged operations (apt install, sudo ./llvm.sh, package installation and system-level tooling changes) that require running commands as root; these change the machine state and could lead to compromise.