skills/nexu-io/open-design/slack-gif-creator/Snyk

slack-gif-creator

Warn

Audited by Snyk on May 18, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The SKILL.md "How to use" explicitly directs the agent to open and inspect the upstream GitHub URL (https://github.com/anthropics/skills/tree/main/slack-gif-creator) and install the upstream bundle, which requires fetching public, user-authored content from GitHub that could contain instructions influencing agent behavior.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 18, 2026, 02:15 PM

Issues

1

Security Audit — snyk — slack-gif-creator