gitnexus-exploring
Warn
Audited by Snyk on Jun 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). Steps 1–5 read from
gitnexus://repos/gitnexus://repo/{name}/context/gitnexus_query/gitnexus_context/gitnexus://repo/{name}/process/{name}, which at runtime ingests codebase text from repositories the operating user did not author (outsider-authored source files and derived prose/trace data).
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime READs of gitnexus:// resources (e.g., gitnexus://repo/{name}/context and gitnexus://repo/{name}/process/{name}), which fetch external repository/context content that is injected into the agent's reasoning context and therefore directly controls prompts and is required for the skill to operate.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata