Skills
skills/briiirussell/cybersecurity-skills/dependency-audit/Snyk

dependency-audit

Warn

Audited by Snyk on Apr 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs consulting public vulnerability/advisory sources and running tools that query open registries (e.g., "Run Automated Audit Tools" such as npm audit, trivy, docker scout and "Research Framework-Specific Known Issues" plus references to NVD, GitHub Advisory Database, and Snyk), so it ingests untrusted public third-party content (package registries and advisory databases) that can materially influence decisions and actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 16, 2026, 05:19 PM
Issues
1
Security Audit — snyk — dependency-audit