loop-skill

Warn

Audited by Snyk on Jul 5, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.80). The loop skill runs arbitrary target skills repeatedly and snapshots git state but does not prevent targets from requesting sudo, editing system files, or creating users, so it can be used to execute a malicious or state-changing skill even though it forbids git history commits.

Issues (1)

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 5, 2026, 05:05 PM
Issues
1
Security Audit — snyk — loop-skill