holoscan-install-source
Warn
Audited by Snyk on Jun 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The skill’s runtime workflow includes “Always fetch the ‘Build from Source’ section of https://docs.nvidia.com/…”, meaning it may ingest outsider-authored free text from a public web page into the agent’s LLM context.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill instructs runtime fetching and execution of external code (cloning and running the in-tree build script) from the GitHub repo https://github.com/nvidia-holoscan/holoscan-sdk.git (and also directs adding NVIDIA apt repo via URLs like https://nvidia.github.io/libnvidia-container/...), so remote content is fetched at runtime and then executed as part of the build process.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill instructs running multiple sudo commands that modify system files (adding apt sources and keyrings), install packages, and restart system services (systemctl restart docker), which requests privileged changes to the host state.
Issues (3)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
W013
MEDIUMAttempt to modify system services in skill instructions.
Audit Metadata