mindspeed-llm-env-setup
Warn
Audited by Snyk on Mar 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). This skill's required workflow (SKILL.md) instructs fetching and installing public repositories (e.g., "git clone https://gitcode.com/ascend/MindSpeed.git", "git clone https://github.com/NVIDIA/Megatron-LM.git", and referenced external docs), meaning untrusted third-party code and content is fetched and used as part of the setup and can materially change runtime behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). The skill explicitly clones and installs external code at runtime that executes on the host (e.g., git clone https://gitcode.com/ascend/MindSpeed.git, git clone https://github.com/NVIDIA/Megatron-LM.git, pip installs via https://download.pytorch.org/whl/cpu, and pulling the Docker image swr.cn-south-1.myhuaweicloud.com/ascendhub/cann:8.5.0-910b-ubuntu22.04-py3.10). Because these are required dependencies, the setup runs remotely fetched code and thus poses runtime risk.
Issues (2)
W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).