zhang-yiming-perspective
Fail
Audited by Snyk on May 30, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.70). The list is mostly news sites and GitHub repositories (plus a few personal domains and badge images) rather than direct executables, but it includes installing/downloading code from a single, relatively unknown personal GitHub/npm author and personal hosts (npx/git clone/URLs) — a common delivery vector for malicious packages — so treat as moderately suspicious until the repositories and install scripts are audited in a sandbox.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 该Skill的运行工作流要求在Step 2中使用WebSearch等工具获取“公开网页/媒体报道/外部分析”并把其可读文本纳入LLM上下文;这些来源属于OUTSIDER(公共网页内容/他人撰写的文章),因此存在间接提示注入风险。
MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
- Hidden Unicode characters detected (1 type(s) found)
Issues (3)
E005
CRITICALSuspicious download URL detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W021
MEDIUMHidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
Audit Metadata