pp-airframe

Warn

Audited by Snyk on May 17, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). This skill explicitly downloads and ingests open public third‑party datasets (FAA registry and the NTSB CAROL accident database via airframe-pp-cli sync/doctor) and uses those records to drive decisions (model safety, tail/event lookups), so untrusted external content can materially influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). The skill instructs the operator to fetch and install remote binaries at runtime (e.g., via "go install github.com/mvanhorn/printing-press-library/library/developer-tools/airframe/cmd/airframe-pp-cli@latest" and "go install github.com/mvanhorn/printing-press-library/library/travel/flight-goat/cmd/flight-goat-pp-cli@latest"), which downloads and executes remote code and are required dependencies for the skill to run.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). Flagged because the skill instructs the agent to detect the OS and — with user consent — run system package-install commands that include sudo (apt/dnf) and other package managers, which modify system state and require elevated privileges.

Issues (3)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 17, 2026, 11:27 PM
Issues
3
Security Audit — snyk — pp-airframe