blitzreels-clipping
Warn
Audited by Snyk on Mar 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests public, user-generated content (e.g., YouTube URLs via POST /podcast-clips as shown in examples/youtube-to-shorts.md and SKILL.md), and it relies on derived artifacts like transcripts, selection.alternatives, and qa.preview_urls to decide reselection/repair/export actions, so untrusted third-party content can materially influence the agent's next steps.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata