skills/nexu-io/open-design/artifacts-builder/Snyk

artifacts-builder

Warn

Audited by Snyk on May 11, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The SKILL.md "How to use" explicitly instructs opening and installing the upstream GitHub bundle (https://github.com/ComposioHQ/awesome-claude-skills/tree/master/artifacts-builder), which requires fetching and using untrusted public repository content that the agent would consume as part of the workflow.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 11, 2026, 11:02 AM

Issues

1