skills/yigitkonur/skill-cli-gpt-image/cli-gpt-image/Snyk

cli-gpt-image

Warn

Audited by Snyk on Jun 9, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.75). The skill’s runtime path takes the Codex backend’s SSE response events (including response.output_item.done with item.revised_prompt and other text fields) and returns them in the agent-visible JSON envelope on stdout, so outsider-authored free text from ChatGPT/Codex can enter the LLM context via the tool output.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 9, 2026, 05:53 AM

Issues

1

Security Audit — snyk — cli-gpt-image