skills/lobbi-docs/claude/cloud-native-deploy/Snyk

cloud-native-deploy

Warn

Audited by Snyk on Apr 4, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). This skill's required workflow explicitly runs "azd init --template https://github.com/Azure-Samples/quickstart-deploy-aspnet-core-app-service.git" (SKILL.md, "Azure Developer CLI (fastest)"), which fetches a public GitHub template (untrusted third-party content) that is ingested into and can change the deployment workflow and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.80). I flag the GitHub Actions and azd template references because they are fetched and executed at runtime (controlling CI/provisioning behavior) — e.g. actions/checkout@v4, actions/setup-dotnet@v4, actions/upload-artifact@v4, azure/login@v2, and https://github.com/Azure-Samples/quickstart-deploy-aspnet-core-app-service.git.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 4, 2026, 10:03 AM

Issues

2

Security Audit — snyk — cloud-native-deploy