Skills
skills/zrr1999/skills/agent-cli-toolkit/Snyk

agent-cli-toolkit

Warn

Audited by Snyk on Mar 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to read GitHub PRs/Issues and timelines using gh and gh-llm (e.g., "gh pr view ...", "gh llm pr view ...") which pulls untrusted, user-generated content from public GitHub that the agent will interpret and could change its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). I flag https://vite.plus because the skill explicitly tells users to run curl -fsSL https://vite.plus | bash (a runtime installation step that fetches and executes remote code) as the installer for the 'vp' tool the skill depends on.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 16, 2026, 03:50 PM
Issues
2