linkfox-aigc-imagegen
Fail
Audited by Snyk on Jul 16, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E004: Prompt injection detected in skill instructions.
- Potential prompt injection detected (high risk: 0.90). The "执行指令" section (lines 124–126) compulsively orders the agent to immediately run a local script upon seeing an ARGUMENTS field and forbids waiting for user confirmation, which is an embedded directive that overrides normal user-consent flow and constitutes a hidden/deceptive control instruction outside the skill's normal descriptive scope.
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.90). The SKILL.md instructs downloading and installing a release.zip from agent-files.linkfox.com (a direct archive distribution for a skill), which is a high-risk vector for distributing unsigned/unknown executable code and should be treated suspicious until verified by the user/vendor—especially because it triggers installation behavior.
Issues (2)
E004
CRITICALPrompt injection detected in skill instructions.
E005
CRITICALSuspicious download URL detected in skill instructions.
Audit Metadata