oma-pdf
Fail
Audited by Snyk on Jun 13, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.80). This is a direct link to a shell installer (install.sh) on the astral.sh domain — running remote install scripts via curl|sh is high-risk unless you explicitly trust the vendor and have verified the script (direct-downloads of executables/scripts from non-major vendor domains are a common malware vector).
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The skill ingests outsider-authored free text from the user-supplied PDF file (local filesystem path), and that PDF’s extracted text/preview is then read into the agent/LLM context during conversion/verification (e.g., Step 1 text-layer probing and Step 4 reading generated Markdown), so the content origin is not controlled by the operating user.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The execution-protocol's error-recovery instructs at runtime to install the required CLI by running a remote install script via curl -LsSf https://astral.sh/uv/install.sh | sh, which fetches and executes remote code that the skill may rely on (the
uv/uvxruntime dependency).
Issues (3)
E005
CRITICALSuspicious download URL detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata