trello
Warn
Audited by Snyk on Mar 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md shows the agent calling the Trello REST API (e.g., "List cards in a list" and example queries returning card fields like desc via https://api.trello.com/1/...), which ingests user-generated, public/third‑party content (card names/descriptions/comments) that the agent would read and could influence subsequent actions.
Audit Metadata