gitnexus-exploring
Warn
Audited by Snyk on Jun 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). Steps 1–5 read
gitnexus://repos,gitnexus://repo/{name}/context,gitnexus_query,gitnexus_context, andgitnexus://repo/{name}/process/{name}, which are derived from the contents of git repositories (i.e., code/text authored by outsiders) that the LLM ingests as readable prose during the codebase exploration workflow.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime READs from gitnexus:// URLs (e.g., gitnexus://repos, gitnexus://repo/{name}/context, gitnexus://repo/{name}/process/{name}) whose fetched content is injected into the agent context and used to drive prompts/analysis, making them required external dependencies that control the agent's behavior.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata