skills/joelhooks/joelclaw/runtime-monitor/Snyk

runtime-monitor

Fail

Audited by Snyk on Mar 18, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

Potential prompt injection detected (high risk: 0.80). The prompt explicitly instructs the pi extension to "send hidden follow-up summaries," which is a concealed/stealthy action not aligned with transparent monitoring/reporting and therefore constitutes a hidden/deceptive instruction.

Issues (1)

E004

CRITICAL

Prompt injection detected in skill instructions.

Audit Metadata

Risk Level

CRITICAL

Analyzed

Mar 18, 2026, 12:38 PM

Issues

1