gitnexus-exploring
Warn
Audited by Snyk on Jun 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). Outsider source category: public/externally indexed codebase content—runtime steps like
READ gitnexus://repos,READ gitnexus://repo/{name}/context, andREAD gitnexus://repo/{name}/process/{name}ingest repository text that the operating user did not author (i.e., third-party code/docs) into the agent’s LLM context.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime READs from gitnexus:// URLs (e.g., gitnexus://repo/{name}/context and gitnexus://repo/{name}/process/{name}) which fetch repository context and execution traces that are injected into the agent's prompt/context and therefore directly control its outputs.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata