Skills
skills/browser-act/skills/zhihu-search-api-skill/Snyk

zhihu-search-api-skill

Warn

Audited by Snyk on Mar 30, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and scripts/zhihu_search_api.py clearly call the BrowserAct API to fetch full Zhihu article content (public, user-generated pages) and return/parse the article body and metadata (result_string/body_content), which the agent is expected to read and use for monitoring, summarization, and decision-making—making it exposed to untrusted third-party content that could contain instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The script calls the BrowserAct API at https://api.browseract.com/v2/workflow at runtime to run a remote workflow template (TEMPLATE_ID) that executes remote automation code and is required for the skill to function, so the external service effectively controls execution of the task.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 30, 2026, 02:31 PM
Issues
2