ssi5/module-federation
Scaffold a Module Federation remote component consumer
58
73%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Advisory
Suggest reviewing before use
Security
2 findings — 2 medium severity. This skill can be installed but you should review these findings before use.
W011: Third-party content exposure detected (indirect prompt injection risk)
What this means
The skill exposes the agent to untrusted, user-generated content from public third-party sources, creating a risk of indirect prompt injection. This includes browsing arbitrary URLs, reading social media posts or forum comments, and analyzing content from unknown websites.
Why it was flagged
Third-party content exposure detected (high risk: 1.00). The skill requires consuming a remoteEntry.js from an arbitrary remote URL via the MFEConfig `url` field (e.g., "Full URL to the remote's remoteEntry.js") and documents dynamic loading when the MFEConfig is provided at runtime (e.g., from an API or prop), which means the agent will fetch and execute untrusted third‑party code/contents.
W012: Unverifiable external dependency detected (runtime URL that controls agent)
What this means
The skill fetches instructions or code from an external URL at runtime, and the fetched content directly controls the agent’s prompts or executes code. This dynamic dependency allows the external source to modify the agent’s behavior without any changes to the skill itself.
Why it was flagged
Potentially malicious external URL detected (high risk: 0.90). The skill instructs the app to load a remoteEntry.js URL at runtime (e.g. https://dashboard.example.com/remoteEntry.js or https://remote.example.com/remoteEntry.js), which the Module Federation loader fetches and executes in the host to provide the remote component — a required runtime dependency that executes remote code.
- Audited
- Security analysis