matlab-agentic-toolkit-setup
Warn
Audited by Snyk on May 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly queries the public GitHub API (curl https://api.github.com/repos/matlab/matlab-mcp-core-server/releases/latest) and downloads release assets from https://github.com/matlab/matlab-mcp-core-server/releases/... as part of its required install workflow (Phase 1d / Phase 3a). Those fetched third-party release artifacts are downloaded, made executable, and run, so untrusted remote content can directly influence tool installation and subsequent agent behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill uses runtime curl commands to query and download the MCP binary (e.g., https://api.github.com/repos/matlab/matlab-mcp-core-server/releases/latest and https://github.com/matlab/matlab-mcp-core-server/releases/download/${LATEST_TAG}/${ASSET_NAME}). The setup then makes the binary executable and runs it for verification, so remote content fetched from those URLs can directly result in the execution of external code that the setup depends on.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).