notemdpro
Warn
Audited by Snyk on Apr 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The README and SKILL.md explicitly describe a "web-researcher" workflow and even show commands like claude "Fetch and follow instructions from https://raw.githubusercontent.com/.../INSTALL.md" (and reference using Tavily/DDG), which instruct the agent to fetch and act on public GitHub raw pages and web search results—untrusted third‑party content that can materially influence agent actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The README instructs agents to "Fetch and follow instructions" from remote raw GitHub URLs (https://raw.githubusercontent.com/Jacobinwwey/notemdpro/refs/heads/main/.codex/INSTALL.md and https://raw.githubusercontent.com/Jacobinwwey/notemdpro/refs/heads/main/.opencode/INSTALL.md), which are fetched at runtime and directly control agent prompts/instructions, so they constitute a high-confidence runtime external dependency.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata