claude-code-ultimate-guide
Warn
Audited by Snyk on May 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and follow public third‑party content (e.g., "Option 3: Interactive Onboarding (No Setup)" which pulls https://raw.githubusercontent.com/FlorianBruniaux/claude-code-ultimate-guide/main/tools/onboarding-prompt.md and the repo clone at https://github.com/FlorianBruniaux/claude-code-ultimate-guide.git) and exposes MCP tools like read_section/search_guide that cause the agent to read and act on that untrusted public GitHub/raw.githubusercontent content, which can materially influence tool use and behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs the agent at runtime to fetch and follow remote instructions from https://raw.githubusercontent.com/FlorianBruniaux/claude-code-ultimate-guide/main/tools/onboarding-prompt.md (and the recommended MCP invocation uses npx which executes the remote package available at https://www.npmjs.com/package/claude-code-ultimate-guide-mcp), both of which fetch remote content that would be executed/used to directly control agent prompts.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).