ppt-agent

Fail

Audited by Snyk on Jun 10, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The skill contains multiple deliberate patterns that materially enable opaque execution, prompt-injection and supply-chain risks (prohibiting source inspection, auto-running subagents with injected prompts, and template injection), which could be abused for data exfiltration or backdoor behavior.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). Step 2A 的 ResearchSynth subagent 在运行时会进行“联网检索/抓取网页内容”,其抓取到的公开网页文本会被整理进 search.txt/search-brief.txt 并作为可读文本喂回 subagent 的 LLM 上下文,属于 OUTSIDER(公共 web 内容)→ 间接提示注入风险路径。

MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

  • Hidden Unicode characters detected (1 type(s) found)

Issues (3)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W021
MEDIUM

Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 10, 2026, 08:18 AM
Issues
3
Security Audit — snyk — ppt-agent