skills/microsoft/vscode/project-setup-info-local/Snyk

project-setup-info-local

Warn

Audited by Snyk on May 19, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly requires visiting the public GitHub org (https://github.com/modelcontextprotocol) and using the fetch_webpage tool to retrieve and act on content from the public URL https://modelcontextprotocol.io/llms-full.txt, meaning the agent will ingest and use untrusted third-party webpage content to drive setup decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires visiting https://github.com/modelcontextprotocol and using the fetch_webpage tool to retrieve https://modelcontextprotocol.io/llms-full.txt at runtime to obtain implementation instructions that are then incorporated into the project's copilot-instructions (i.e., remote content directly controls prompts/instructions and is a required dependency).

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 19, 2026, 09:07 AM

Issues

2

Security Audit — snyk — project-setup-info-local