update-acumen
Warn
Audited by Snyk on Apr 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill uses gh to fetch raw files from the public GitHub repository VGrss/Acumen (e.g., via gh api/contents calls) and writes them into source/skills and then copies/symlinks them into .agents/.claude, meaning untrusted third‑party skill content from GitHub is ingested and can change agent behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill runs gh API calls at runtime to fetch raw skill files from the Acumen GitHub repo (e.g. https://api.github.com/repos/VGrss/Acumen/contents/source/skills/{name}/{file} and https://api.github.com/repos/VGrss/Acumen/git/trees/main:source/skills) and writes those files into local skill directories, so remote content fetched during execution can directly control agent prompts/instructions.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata