hyperpod-cluster-debugger
Warn
Audited by Snyk on May 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill clearly ingests user-controlled content at runtime — e.g., scripts/diagnose-cluster.sh and SKILL.md show it downloads and inspects user-provided S3 lifecycle scripts via the --validate --s3-uri flow and reads CloudWatch / cluster events (aws logs get-log-events, list-cluster-events) and uses those messages to generate findings and Suggested-command outputs, so untrusted/user-generated content can influence its decisions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata