pp-docker-hub
Warn
Audited by Snyk on May 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill drives a CLI that queries Docker Hub public API and returns repository metadata, tags, and Dockerfiles (see "docker-hub-pp-cli docker-hub-search" and the "repositories" command and the "response envelope" describing "meta.source":"live"), meaning the agent will ingest untrusted, user-generated content from public third-party sites that could influence actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill instructs runtime installation of remote code that the agent may run — e.g., "npx -y @mvanhorn/printing-press install docker-hub --cli-only" and "go install github.com/mvanhorn/printing-press-library/library/developer-tools/docker-hub/cmd/docker-hub-pp-cli@latest" — which fetches and installs/executes external code that the skill depends on.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata