ohos-dev-distributed-device-image-flashing
Warn
Audited by Snyk on Jun 26, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Outsider free text is ingested via the runtime download of a public daily-build tarball from DCP (
download_daily.pyfetchesimgObsPathover HTTPS, thensafe_extractextracts and readsparameter.txt/image directory contents as local files thatflash_device.pyparses as text, e.g.,CMDLINE:mtdparts=...).
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill queries the DCP API at runtime (https://dcp.openharmony.cn/api/daily_build/build) and then downloads the image archive from the returned imgObsPath URL, whose extracted parameter.txt and images are used by flash_device.py to determine partition layout and perform destructive flashing — i.e., remote content directly controls the agent's flashing instructions.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill instructs the agent/operator to perform destructive, privileged operations (flashing partitions with dd via hdc, remounting /system read-write, pushing .so files, and using updater/maskrom tools) that modify the device's system state and require elevated access, so it can compromise the host-connected device and thus should be flagged.
Issues (3)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
W013
MEDIUMAttempt to modify system services in skill instructions.
Audit Metadata