plan-reviewer

Warn

Audited by Snyk on May 22, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (medium risk: 0.60). The skill explicitly instructs the agent to read and directly update files on disk (e.g., listing and editing ~/.claude/plans and editing a loaded plan "without permission"), which modifies machine state and can overwrite user files—so it poses moderate risk even though it doesn't request sudo or system-level changes.

Issues (1)

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 22, 2026, 06:45 AM
Issues
1
Security Audit — snyk — plan-reviewer