Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/deepgram-sdk-patterns/Snyk

deepgram-sdk-patterns

Warn

Audited by Snyk on Mar 12, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's transcribeUrl implementation in lib/transcribe.ts (and the Python transcribe_url in lib/deepgram_client.py) explicitly fetches and transcribes audio from arbitrary URLs, so untrusted third-party content can be ingested and its transcript could influence agent behavior.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 12, 2026, 05:31 PM
Issues
1