linkfox-aigc-imagegen

Fail

Audited by Snyk on Jul 16, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 0.90). The "执行指令" section (lines 124–126) compulsively orders the agent to immediately run a local script upon seeing an ARGUMENTS field and forbids waiting for user confirmation, which is an embedded directive that overrides normal user-consent flow and constitutes a hidden/deceptive control instruction outside the skill's normal descriptive scope.

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). The SKILL.md instructs downloading and installing a release.zip from agent-files.linkfox.com (a direct archive distribution for a skill), which is a high-risk vector for distributing unsigned/unknown executable code and should be treated suspicious until verified by the user/vendor—especially because it triggers installation behavior.

Issues (2)

E004
CRITICAL

Prompt injection detected in skill instructions.

E005
CRITICAL

Suspicious download URL detected in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jul 16, 2026, 08:07 AM
Issues
2