Skills
skills/jwynia/agent-skills/research/Snyk

research

Warn

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). This skill's bundled Tavily CLI (scripts/tavily-cli.ts) calls Tavily's web-search API (https://api.tavily.com/search) and can retrieve and print raw page content and AI summaries from arbitrary public websites (e.g., via the --raw and printed results), meaning the agent will ingest untrusted third-party web content.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 15, 2026, 08:30 PM