skills/mgiovani/cc-arsenal/ci-generate/Snyk

ci-generate

Warn

Audited by Snyk on Mar 26, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The skill's required Phase 2 "Research Best Practices" step in SKILL.md explicitly instructs the agent to "Use WebSearch" (queries like "[detected platform] CI/CD best practices ..."), which fetches and ingests open web content that can directly influence pipeline design and tool choices.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 26, 2026, 08:41 PM

Issues

1

Security Audit — snyk — ci-generate