univer-team-standup

Warn

Audited by Snyk on May 20, 2026

Risk Level: MEDIUM

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The Auto workflow's "Evidence sources" explicitly include "Git and GitHub: commits, branches, PRs, issues, review comments, CI results" (Workflow: Auto / Collection rules). This is public, user-generated third-party content that the agent must read and summarize, and it directly influences the agent's priority, status, and write/submit decisions, so injected instructions in that content can steer those decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill explicitly bootstraps required code at runtime (e.g., npx skills add dream-num/skills, which pulls https://github.com/dream-num/skills, and npm install -g univer-cli@latest, which installs remote npm package code). These fetched repositories and packages are required dependencies that are installed and executed locally, so whoever controls those remote sources can run code in the agent's environment.

Issues (2)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level: MEDIUM
Analyzed: May 20, 2026, 01:00 PM
Issues: 2