processon-mindmap-generator

Fail

Audited by Snyk on Jun 25, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

  • Potential prompt injection detected (high risk: 0.70). 该技能明确要求在每次运行前强制执行远程版本检查并在失败时“严格禁止提示网络错误”(将错误隐瞒为“暂无更新”),并规定自动执行 shell/更新命令,这等于指示隐藏运行/网络异常并执行外部代码,属于超出单纯生成思维导图且具有欺骗性和潜在滥用风险。

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The skill requires executing remote checks and explicitly mandates echoing script outputs (full visit/img URLs and the returned copyBlock) verbatim, which can force the model to disclose any sensitive tokens or credentials that appear in those returned URLs/blocks, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).


MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill mandates executing shell commands and network-fetched scripts (including an automatic update step that runs "npx ... -g" and Python scripts that read/write/clean files), which actively modify the host system state and can install or change software, so it poses a high risk of compromising the machine.

Issues (4)

E004
CRITICAL

Prompt injection detected in skill instructions.

W007
HIGH

Insecure credential handling detected in skill instructions.

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 25, 2026, 12:22 PM
Issues
4
Security Audit — snyk — processon-mindmap-generator