skills/alirezarezvani/claude-skills/cs-senior-engineer/Snyk

cs-senior-engineer

Fail

Audited by Snyk on Apr 2, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

Potential prompt injection detected (high risk: 0.90). The prompt embeds a relative path ("../../../agents/engineering/cs-senior-engineer.md") that appears to pull in another agent's file outside the skill (a hidden inclusion not justified by the empty description), which is a deceptive/hidden instruction to load external content.

Issues (1)

E004

CRITICAL

Prompt injection detected in skill instructions.

Audit Metadata

Risk Level

CRITICAL

Analyzed

Apr 2, 2026, 12:43 PM

Issues

1

Security Audit — snyk — cs-senior-engineer