skillforge

Fail

Audited by Snyk on Jun 13, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The docs include explicit runtime command execution (!command) that inlines shell output (including env vars/git diffs) and guidance to preapprove tools like Bash/Read/Edit, creating a clear vector for RCE and secret exfiltration if a skill/operator abuses those features.

Issues (1)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 13, 2026, 11:36 AM
Issues
1