Warn
Audited by Snyk on Mar 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to "Use WebSearch" and "Use WebFetch to read specific pages," which requires fetching and interpreting arbitrary public web pages (untrusted third-party content) as part of its workflow.
Audit Metadata