skills/k1lgor/mega-mind-skills/skill-stocktake/Snyk

skill-stocktake

Warn

Audited by Snyk on Apr 7, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly tells the auditor to "verify with web search" and to "check package names on npm/PyPI" (see the "Currency" and "Tips" sections), which requires fetching and interpreting open, public third-party pages whose content could influence verdicts and actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 7, 2026, 04:23 PM

Issues

1

Security Audit — snyk — skill-stocktake