apple-on-device-ai
Warn
Audited by Snyk on May 24, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill explicitly shows loading models from public model repositories / arbitrary URLs (e.g., ModelConfiguration(id: "mlx-community/...") used with LLMModelFactory.shared.loadContainer and MLModel(contentsOf: modelURL) in SKILL.md and references), which means it fetches and executes third-party, user-contributed model artifacts whose content can materially change model behavior.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata