physicsnemo-discover
Warn
Audited by Snyk on Jun 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required runtime workflow includes shallow-cloning the external PhysicsNeMo GitHub repository (https://github.com/NVIDIA/physicsnemo) and then reading its files (e.g., SKILL.md’s “shallow-clone … for path discovery only” and subsequent Read/Glob steps), so outsider-authored repo text can be ingested into the agent’s LLM context.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The SKILL.md explicitly directs the agent at runtime to shallow-clone and read from the canonical repo URL (https://github.com/NVIDIA/physicsnemo) when a local clone is absent, and those fetched files are then read to directly control the agent's discovery/output, so this is a runtime external dependency: https://github.com/NVIDIA/physicsnemo
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata