semantic-slicing
Warn
Audited by Snyk on May 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs fetching and ingesting public third-party content (e.g., cloning GitHub repos and using a GitHub target_repo, running gitcrawl for issue/PR clusters, and using discrawl for Discord support messages) as described in SKILL.md and references/workflow.md, and that untrusted/user-generated content is used to rank slices and drive AI processing decisions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The workflow explicitly clones and builds remote repositories (e.g., https://github.com/openclaw/clawpatch.git and https://github.com/vercel-labs/deepsec.git) as part of setup and then runs their local binaries (pnpm build / node CLI), so fetched remote code is executed at runtime and is required for the skill to operate.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata