inputs
Warn
Audited by Snyk on Feb 25, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill's Document Generation and Fallback Strategy explicitly allow using public test file URLs (e.g., the "Last resort" public PDF URL and "use public test file URLs as fallback"), meaning the agent may fetch and ingest content from open/public websites as inputs to pipelines.
Audit Metadata