Skills
skills/autobyteus/autobyteus-skills/deep-research-article/Snyk

deep-research-article

Warn

Audited by Snyk on Mar 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's default workflow requires an "internet-backed" Step 1 — "Internet source sweep (required by default)" and references/web_research_protocol.md to fetch, read, and extract claims from public web sources/URLs into source_dossier.md and evidence_extract.md, and those extracted third‑party contents are used to build the claim→evidence ledger and drive drafting/next actions, creating a clear vector for indirect prompt injection.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 14, 2026, 06:36 AM
Issues
1