Skills
skills/opensearch-project/opensearch-agent-skills/search/Snyk

search

Warn

Audited by Snyk on May 8, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to ingest and process third‑party documents (document_processing_guide.md shows Docling converting from arbitrary URLs) and to optionally invoke external web search (agentic_search_guide lists a WebSearchTool / DuckDuckGo), so the agent will read and act on untrusted public web/user-generated content as part of its workflow.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 8, 2026, 07:45 AM
Issues
1