Skills
skills/zeabur/zeabur-claude-plugin/zeabur-template/Snyk

zeabur-template

Warn

Audited by Snyk on Mar 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and use external public sources (e.g., https://raw.githubusercontent.com/zeabur/zeabur-template-doc/main/, project GitHub READMEs, Docker Hub/GHCR repos, and raw template YAMLs) and to incorporate their startup commands/configuration into template creation, so untrusted, user-generated web content is read and can directly influence actions and decisions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 14, 2026, 05:11 AM
Issues
1