tilegym-cutile-python
Warn
Audited by Snyk on Jun 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The required runtime workflow can ingest outsider-authored free text via the user’s prompt/request (e.g., arbitrary descriptions or code snippets the user provides), which the agent then places into the LLM context for kernel generation; this is an indirect prompt-injection surface.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs runtime cloning/reading of external code (e.g., "Clone URL: https://github.com/NVIDIA/TileGym.git" and the git clone of PyTorch at https://github.com/pytorch/pytorch.git) which fetches remote code that sub-agents read and use to control prompts/code generation, so these GitHub URLs are runtime external dependencies that directly influence agent behavior.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata