run-with-it

Fail

Audited by Snyk on May 24, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This skill contains deliberate, high-risk instructions to bypass sandboxing and approval controls (dangerouslyDisableSandbox, --dangerously-skip-permissions, --dangerously-bypass-approvals-and-sandbox), to monopolize execution authority while forbidding inspection of sub-coordinator internals/logs, and to spawn external agent CLIs with unattended full permissions—patterns that enable remote code execution and covert exfiltration of repository and environment data and thus constitute an intentional backdoor/abuse vector.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches user-generated GitHub issues (e.g., "Fetches all ready-for-agent issues" and "re‑fetch using: gh issue view --json ...") and injects the full issue body/comments into the SUB_COORD_CONTEXT_FILE that spawned Sub‑Coordinators and their worker agents will read and act on, so untrusted third‑party content can materially influence agent decisions and tool use.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly instructs running agents with dangerouslyDisableSandbox / flags that bypass approvals and sandboxing and performs filesystem mutations (deleting files, modifying .gitignore, committing changes), so while it doesn't request sudo or create system users it does push bypassing security controls and altering the machine's state.

Issues (3)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
May 24, 2026, 03:58 AM
Issues
3
Security Audit — snyk — run-with-it