slide-ko-polish
Fail
Audited by Snyk on Jun 23, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 0.90). The scripts send slide contents to external LLM CLIs and (in polish-loop.sh) request/allow remote "Edit"/exec-style operations (e.g., claude --allowed-tools "Edit Read Grep", codex exec, --add-dir) which both exfiltrate file content to remote services and permit remote-driven modification/execution of local files — a high-risk pattern for data exfiltration and remote code execution/backdoor abuse.
Issues (1)
E006
CRITICALMalicious code pattern detected in skill scripts.
Audit Metadata