pstack
Fail
Audited by Snyk on Jul 10, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.80). These URLs point to an individual GitHub repository (https://github.com/kashyab12/uni-pstack.git) that the package's updater will clone and run install/update scripts from — an unvetted, non-official source and a supply-chain risk (high-risk GitHub repo usage for automatic installs).
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). High: the required delegation workflow (
scripts/spawn-codex-worker.sh) embeds the workerprompt(which can originate from user/outsider text) as free-form text into the Codex worker’s LLM context viawrapped_prompt→codex exec ... "$wrapped_prompt".
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). scripts/update-self.sh defaults to repo URL https://github.com/kashyab12/uni-pstack.git and at runtime may git-clone that URL and then execute the fetched install.sh, which runs remote code from that repository.
Issues (3)
E005
CRITICALSuspicious download URL detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata