summarize
Warn
Audited by Snyk on Mar 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the tool to fetch and summarize/transcribe arbitrary public URLs and YouTube links (e.g., examples like summarize "https://example.com" and "https://youtu.be/..."), meaning the agent ingests untrusted third-party content that it reads and acts on—creating a clear avenue for indirect prompt injection.
Audit Metadata