skills/rheinmir/setup/caveman-help/Snyk

caveman-help

Fail

Audited by Snyk on Jun 3, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E004: Prompt injection detected in skill instructions.

Potential prompt injection detected (high risk: 1.00). The prompt claims "do NOT ... persist anything" and to only display a reference card, yet secretly adds detailed instructions to create and modify wiki files (write drafts and append indexes), which are hidden/deceptive persistence actions outside the skill's stated purpose.

Issues (1)

E004

CRITICAL

Prompt injection detected in skill instructions.

Audit Metadata

Risk Level

CRITICAL

Analyzed

Jun 3, 2026, 04:49 AM

Issues

1

Security Audit — snyk — caveman-help