zenmux-image-generation
Warn
Audited by Snyk on May 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's required Step 1 (refresh_references.sh) explicitly re-downloads community prompt cookbooks and docs from public sources (raw.githubusercontent.com / YouMind-OpenLab GitHub, youmind.com, ZenMux/zenmux-doc, developers.openai.com) and Step 4 instructs the agent to read and blend those cookbook entries into the generated prompts, so untrusted, user-generated third‑party content is fetched and directly influences prompt construction and API calls.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's refresh_references.sh is run at every invocation and re-curls the community prompt cookbooks from raw.githubusercontent.com (e.g. https://raw.githubusercontent.com/YouMind-OpenLab/awesome-gpt-image-2/... and https://raw.githubusercontent.com/YouMind-OpenLab/awesome-nano-banana-pro-prompts/...), which are fetched at runtime and directly used as prompt/instruction content the agent consults (a required dependency), so these URLs are runtime-controlled sources for prompts.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata