skills/aradotso/ai-agent-skills/open-multi-agent-orchestration/Snyk

open-multi-agent-orchestration

Warn

Audited by Snyk on May 16, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly shows MCP Server Integration using @modelcontextprotocol/server-github (via connectMCPTools) and agent tools like "search_repositories" / "create_or_update_file" to fetch and act on public GitHub repository content, which is untrusted, user-generated third‑party content that agents are expected to read and use to drive actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 16, 2026, 06:26 PM

Issues

1

Security Audit — snyk — open-multi-agent-orchestration