skills/shipshitdev/library/skill-scout/Snyk

skill-scout

Warn

Audited by Snyk on Jun 20, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.85). The skill’s runtime workflow explicitly performs external web/package/GitHub searches and then ingests the resulting candidate content into the LLM context to rank/vet options (outsider-authored free text from public web pages, repos, and marketplaces).

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 20, 2026, 01:13 PM

Issues

1

Security Audit — snyk — skill-scout