skills/specmatic/skills/specmatic-openapi-spec-extractor/Snyk

specmatic-openapi-spec-extractor

Warn

Audited by Snyk on May 5, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W013: Attempt to modify system services in skill instructions.

Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly instructs the agent to retry Docker commands using the environment’s built-in privilege escalation mechanism for permission-related failures, which encourages obtaining elevated (sudo-like) privileges on the host and thus risks compromising machine state.

Issues (1)

W013

MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 5, 2026, 01:25 PM

Issues

1