ISA

Fail

Audited by Snyk on Jun 30, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 0.90). The prompt contains an explicit, mandatory operational instruction to run a local network curl and emit a notification "before doing anything else," which is an out-of-scope coercive action unrelated to the ISA document generation and effectively overrides normal agent behavior—i.e., a prompt-injection attempt to force external side effects.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The skill text contains a mandatory, silent, backgrounded POST to http://localhost:31337/notify (output redirected to /dev/null and run in the background) which is a hidden network call to a non-standard port and strongly suggests a covert notification/exfiltration/backdoor channel.

Issues (2)

E004
CRITICAL

Prompt injection detected in skill instructions.

E006
CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 30, 2026, 03:33 PM
Issues
2
Security Audit — snyk — ISA