coding-cli-management

Fail

Audited by Snyk on Jun 21, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This skill intentionally delegates code execution to third‑party AI CLIs (claude/gemini/qodercli) while explicitly disabling safety checks and referencing host CLI configs, enabling easy data exfiltration, credential exposure, and remote code execution.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). Outsider free text is the Worker-authored coding-request prompt content: the Manager parses the message, writes {extracted prompt content} into prompt_file, then run-coding-cli.sh reads it (cat "$prompt_file") and passes it to the external CLI/LLM at runtime.

Issues (2)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 21, 2026, 02:31 AM
Issues
2
Security Audit — snyk — coding-cli-management