minecraft-modpack-server

Warn

Audited by Snyk on May 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md "Download & Inspect the Pack" step explicitly instructs fetching an arbitrary serverpack.zip via wget ("") and to inspect startserver.sh and mods/, meaning the workflow ingests untrusted third-party modpack content (e.g., CurseForge/Modrinth or arbitrary URLs) that the agent is expected to read and use to determine loader, Java version, and launch behavior, so that content could materially influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). The wget command (wget -O serverpack.zip "") downloads a remote server pack at runtime which the skill then instructs to inspect and run (e.g., startserver.sh / installer jars), meaning fetched content can execute remote code and is a required dependency.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt includes explicit sudo commands (apt installs and ufw firewall changes) and other system-level modifications (installing packages, opening ports, setting cron jobs) that instruct the agent to change the host machine's state with elevated privileges.

Issues (3)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 16, 2026, 01:44 PM
Issues
3
Security Audit — snyk — minecraft-modpack-server