mrbeast-perspective

Fail

Audited by Snyk on May 31, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). Most links are mainstream news, wiki and media pages, but the set includes multiple unknown GitHub repos (user "alchaincyf"), personal domains and explicit install/run instructions (npx skills add, shell/python scripts) which can execute arbitrary code — making this a moderately high-risk collection for distributing malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 该Skill的运行时“MrBeast式研究”要求使用WebSearch等工具获取外部网页/行业基准/竞品数据;这些被抓取的公开网页正文属于OUTSIDER-AUTHORED FREE TEXT,并会进入LLM上下文用于生成回答。

MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

  • Hidden Unicode characters detected (1 type(s) found)

Issues (3)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W021
MEDIUM

Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

Audit Metadata
Risk Level
CRITICAL
Analyzed
May 31, 2026, 03:13 AM
Issues
3
Security Audit — snyk — mrbeast-perspective