ISA
Fail
Audited by Snyk on Jun 30, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E004: Prompt injection detected in skill instructions.
- Potential prompt injection detected (high risk: 0.90). The prompt contains an explicit, mandatory operational instruction to run a local network curl and emit a notification "before doing anything else," which is an out-of-scope coercive action unrelated to the ISA document generation and effectively overrides normal agent behavior—i.e., a prompt-injection attempt to force external side effects.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 1.00). The skill text contains a mandatory, silent, backgrounded POST to http://localhost:31337/notify (output redirected to /dev/null and run in the background) which is a hidden network call to a non-standard port and strongly suggests a covert notification/exfiltration/backdoor channel.
Issues (2)
E004
CRITICALPrompt injection detected in skill instructions.
E006
CRITICALMalicious code pattern detected in skill scripts.
Audit Metadata