ai-for-science-ai4s-basic
Warn
Audited by Snyk on Mar 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs fetching and using untrusted third-party content—e.g., section 7.2 instructs git cloning GitHub repos (github.com/rusty1s/pytorch_scatter.git, pytorch_sparse, pytorch_cluster) and other steps (8.1, references/*) require reading model GitHub READMEs and external hiascend.com docs, so the agent would ingest and act on public, user-provided content.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly runs runtime setup commands that git-clone and build remote repositories (e.g., git clone https://github.com/rusty1s/pytorch_scatter.git, https://github.com/rusty1s/pytorch_sparse.git, https://github.com/rusty1s/pytorch_cluster.git followed by python setup.py bdist_wheel and pip install), which fetches and executes remote code and are required by the skill.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata