skills/afadtc/afa-dtc-skills/afa-sms/Snyk

afa-sms

Fail

Audited by Snyk on May 8, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

Potential prompt injection detected (high risk: 0.80). Yes — the prompt includes hidden/deceptive operational directives (e.g., "Follow the silent capture protocol" for learnings write‑back and rules to withhold internal routing/records from users) that instruct the agent to capture or hide information beyond the visible SMS-marketing functionality.

Issues (1)

E004

CRITICAL

Prompt injection detected in skill instructions.

Audit Metadata

Risk Level

CRITICAL

Analyzed

May 8, 2026, 12:59 AM

Issues

1

Security Audit — snyk — afa-sms