hasdata-cli

Fail

Audited by Snyk on May 14, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.80). Suspicious because this is a direct raw GitHub URL to an install.sh (a network-fetched shell script commonly run via curl|sh), and executing remote shell scripts is a high-risk vector unless you independently verify the repository, script contents, and publisher.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.85). The skill is not covert malware, but it contains multiple high-risk, abuse-enabling features: arbitrary URL scraping with JS rendering, default email/phone extraction, instructions for mass lead enrichment and reverse lookups, cookie injection for login-walled pages, use of residential proxies to "bypass anti-bot", and a curl|sh remote install. Together these facilitate large-scale data exfiltration, doxxing, credential/session harvesting, and evasion of site protections, even though the docs themselves contain no explicit backdoor or remote code execution.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and ingest arbitrary public web content (e.g., SKILL.md: "Summarize this article / TL;DR this URL — Use web-scraping --output-format markdown and feed the markdown into the summary prompt" and "Summarize / cite this YouTube video" using youtube-transcript-api), plus many commands for Google SERP, maps, Yelp, forums and social profiles, meaning untrusted third-party/user-generated content is read and used to drive follow-up actions and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill states that "flags, enums, defaults are derived from the live schema at https://api.hasdata.com/apis", which is fetched at runtime and can directly control command/prompt construction, so this external URL is a runtime dependency that influences agent instructions.

Audit Metadata

Risk Level: CRITICAL
Analyzed: May 14, 2026, 12:25 AM
Issues: 4