harness-creator
Warn
Audited by Snyk on May 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The required runtime workflow for this skill (create/validate/benchmark) reads outsider-authored free text from the target repository’s existing files—e.g.,
AGENTS.md/CLAUDE.md,feature_list.json,progress.md,session-handoff.md, andinit.sh—vialoadHarnessFiles()→readText()→scoreHarness()/htmlReport(), which then injects that text into the agent’s LLM context for scoring/explanation.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata