design
Warn
Audited by Snyk on Feb 25, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and research external web content—e.g., "Fetch or FireCrawl: Use for design references or design-system docs from URLs" and the Deep Research Protocol's use of "Brave Search" and "Tavily Search"—so the agent will read untrusted public webpages/search results that can influence its analysis and next actions.
Audit Metadata