lovstudio-any2pdf
Warn
Audited by Snyk on Jun 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). Outsider free text from the user-supplied Markdown file is read at runtime (
main()readsargs.inputintomd_text) and then injected into the LLM context via the conversion pipeline’s text rendering (e.g.,parse_md()→md_inline()/Paragraph), so any untrusted Markdown content becomes LLM-readable prose.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly recommends running system package installation (sudo apt install ...) and pip with --break-system-packages (which can bypass environment protections), both of which modify the machine state and require or encourage elevated privileges, so it poses a high risk of compromising the host.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W013
MEDIUMAttempt to modify system services in skill instructions.
Audit Metadata