agents-authoring
Warn
Audited by Snyk on Mar 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). This SKILL.md explicitly allows loading instruction files from opencode.json's "instructions" field including remote URLs (e.g., "https://raw.githubusercontent.com/..."), so the agent will fetch and combine external, potentially untrusted instruction files into its runtime behavior, enabling indirect prompt injection.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly allows opencode.json to reference and fetch remote instruction files at runtime (e.g., https://raw.githubusercontent.com/my-org/shared-rules/main/style.md), and those fetched files are combined with AGENTS.md to directly control agent instructions.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).