read
Fail
Audited by Snyk on May 29, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.70). These links mix trusted vendor APIs (open.feishu.cn) with third-party proxy services (defuddle.md, r.jina.ai) and raw GitHub content endpoints (raw.githubusercontent.com) that can deliver arbitrary/untrusted files or scripts—making them a moderate-to-high risk as possible malware distribution vectors if the upstream content or repos are untrusted.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.95). In the required workflow, the skill fetches outsider-authored free text from a user-supplied URL/PDF and then feeds the extracted readable content into the agent’s LLM context (via
scripts/fetch.sh→scripts/fetch_local.py/defuddle.md/r.jina.ai), which is untrusted and may contain prompt-like instructions.
Issues (2)
E005
CRITICALSuspicious download URL detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata