skills/aradotso/claude-code-skills/claude-code-system-prompts/Snyk

claude-code-system-prompts

Warn

Audited by Snyk on May 16, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs fetching and reading prompt files from a public GitHub repository (e.g., "git clone https://github.com/Piebald-AI/claude-code-system-prompts.git" and cat ./system-prompts/*.md), so untrusted third-party content is ingested and can directly influence agent prompts and tool behavior.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 16, 2026, 11:19 PM

Issues

1

Security Audit — snyk — claude-code-system-prompts