skills/yeachan-heo/oh-my-codex/doctor/Snyk

doctor

Warn

Audited by Snyk on Apr 29, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The skill's Auto-Fix explicitly fetches AGENTS.md from a public GitHub URL via WebFetch (https://raw.githubusercontent.com/Yeachan-Heo/oh-my-codex/main/docs/AGENTS.md), and the diagnostics also read npm registry metadata with npm view, so the agent ingests untrusted public third-party content that can materially influence its fix actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill's Auto-Fix step performs a runtime WebFetch of raw content from https://raw.githubusercontent.com/Yeachan-Heo/oh-my-codex/main/docs/AGENTS.md and writes it to ~/.codex/AGENTS.md, thereby injecting remote content that can directly control agent configuration/prompts.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 29, 2026, 06:05 PM

Issues

2