oma-pdf

Fail

Audited by Snyk on Jun 13, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.80). This is a direct link to a shell installer (install.sh) on the astral.sh domain — running remote install scripts via curl|sh is high-risk unless you explicitly trust the vendor and have verified the script (direct-downloads of executables/scripts from non-major vendor domains are a common malware vector).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). The skill ingests outsider-authored free text from the user-supplied PDF file (local filesystem path), and that PDF’s extracted text/preview is then read into the agent/LLM context during conversion/verification (e.g., Step 1 text-layer probing and Step 4 reading generated Markdown), so the content origin is not controlled by the operating user.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The execution-protocol's error-recovery instructs at runtime to install the required CLI by running a remote install script via curl -LsSf https://astral.sh/uv/install.sh | sh, which fetches and executes remote code that the skill may rely on (the uv/uvx runtime dependency).

Issues (3)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 13, 2026, 12:18 PM
Issues
3
Security Audit — snyk — oma-pdf