mrbeast-perspective
Fail
Audited by Snyk on May 31, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.70). Most links are mainstream news, wiki and media pages, but the set includes multiple unknown GitHub repos (user "alchaincyf"), personal domains and explicit install/run instructions (npx skills add, shell/python scripts) which can execute arbitrary code — making this a moderately high-risk collection for distributing malware.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 该Skill的运行时“MrBeast式研究”要求使用WebSearch等工具获取外部网页/行业基准/竞品数据;这些被抓取的公开网页正文属于OUTSIDER-AUTHORED FREE TEXT,并会进入LLM上下文用于生成回答。
MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
- Hidden Unicode characters detected (1 type(s) found)
Issues (3)
E005
CRITICALSuspicious download URL detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W021
MEDIUMHidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
Audit Metadata