save-tokens

Fail

Audited by Snyk on Jul 5, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 1.00). Yes — although visible, the prompt includes instructions unrelated to its stated purpose (claims sole authority and orders suppression/override of other skills/system behavior), which is a deceptive/overriding directive outside the compression scope.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). Skill explicitly asserts sole-session authority and directs suppression of external/third-party skills, enabling intentional bypass of other safety/monitoring modules (backdoor-like control); no direct data-exfiltration or remote-exec payloads present.

Issues (2)

E004
CRITICAL

Prompt injection detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jul 5, 2026, 04:28 PM
Issues
2
Security Audit — snyk — save-tokens