skills/fearvox/evensong/repo-bootstrap-and-audit/Snyk

repo-bootstrap-and-audit

Warn

Audited by Snyk on Jun 24, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.85). Phase 2.1 and 2.2 clone public GitHub repositories at runtime (everything-claude-code and optionally openai/codex-plugin-cc) and copy their README/skill/command/prompt text into the project’s .claude/ directories, which the agent can then read and include in its LLM context.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill's runtime steps clone and copy remote repositories (https://github.com/affaan-m/everything-claude-code.git and optionally https://github.com/openai/codex-plugin-cc.git), importing external "skills/commands/prompts/scripts" into .claude/ which directly injects prompts and executable scripts that can control agent instructions and behavior.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 24, 2026, 09:31 AM

Issues

2

Security Audit — snyk — repo-bootstrap-and-audit