skills/terrylica/cc-skills/cli-anything/Snyk

cli-anything

Warn

Audited by Snyk on May 9, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). This skill explicitly accepts and clones public GitHub URLs as part of its "Source Acquisition" phase (e.g., the /cli-anything command and the example /cli-anything https://github.com/blender/blender) and then analyzes that codebase to generate CLI harnesses, so untrusted third-party content is ingested and can materially influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.80). This skill explicitly clones and analyzes external GitHub repositories at runtime (e.g., https://github.com/blender/blender and https://github.com/HKUDS/CLI-Anything), so fetched repo content is required and directly controls the generated CLI prompts/instructions.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 9, 2026, 09:45 AM

Issues

2