.claude/skills/electron-distribution/SKILL.md

Warn

Audited by Snyk on Mar 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). This skill's updater workflows explicitly fetch update metadata and releaseNotes from public providers (GitHub Releases, S3/CloudFront, and the provided update-server endpoints) — see main/services/updater.ts and update-server/server.ts — and then surface those third‑party release notes to the app/UI where they can influence download/install decisions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 21, 2026, 01:13 PM
Issues
1
Security Audit — snyk — .claude/skills/electron-distribution/SKILL.md