skills/dnyoussef/ai-chrome-extension/when-reviewing-code-comprehensively-use-code-review-assistant/Snyk
when-reviewing-code-comprehensively-use-code-review-assistant
Fail
Audited by Snyk on Jun 26, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.80). The skill instructs running a secret scanner (gitleaks) and saving its findings (security-report.json) into agent memory/post-edit hooks, which can include raw secret values and therefore requires the LLM to handle potentially verbatim secrets.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required runtime workflow ingests the PR’s changed source files (and derived reports like
eslint-report.json,security-report.json,coverage-summary.json) into the agents’ LLM context for analysis, which is outsider-authored free text from the PR author(s) via the PR diff/files path.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill repeatedly invokes the runtime-installed npm package via "npx claude-flow@alpha" (fetched from the npm registry, e.g. https://www.npmjs.com/package/claude-flow), which will fetch and execute remote code at runtime and is used to control agent hooks/sessions and thus can directly control agent instructions.
Issues (3)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata