capability-evolver
Fail
Audited by Snyk on Jul 7, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.70). The list includes an untrusted template clone URL (https://github.com/${publicRepo}.git) used directly in a publish script and an example URL with embedded credentials (https://user:pass123@github.com/repo); both can lead to cloning/executing arbitrary repositories or leaking credentials and are high-risk download vectors.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). High:
src/evolve.jsreads outsider-authored free text from agent session JSONL logs (e.g., other users’ chat messages/comments) viareadRealSessionLog()→formatSessionLog()and then injects it into the LLM context throughextractSignals({ recentSessionTranscript: recentMasterLog, ... })/ prompt assembly.
Issues (2)
E005
CRITICALSuspicious download URL detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata