FirstPrinciples

Fail

Audited by Snyk on Jun 29, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 1.00). The prompt mandates immediate side-effecting commands (an obligatory curl POST to a localhost notify endpoint and enforced local logging/notifications) that are unrelated to the stated analysis-only FirstPrinciples purpose and thus constitute hidden/deceptive instructions that override normal agent behavior.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The skill mandates silent, background HTTP POSTs to localhost:31337 (a suspicious beacon/backdoor) before any action and writes persistent execution logs to the user's home directory, behavior consistent with covert signaling and potential data collection/exfiltration.

Issues (2)

E004
CRITICAL

Prompt injection detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 29, 2026, 01:32 PM
Issues
2
Security Audit — snyk — FirstPrinciples