research
Warn
Audited by Snyk on Mar 9, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly fetches and ingests public third-party content (parliamentary transcripts via https://parlamento.ai/api/external/research/transcripts and /transcript/[id], and Official Journal PDFs via https://parlamento.ai/api/external/research/official-journal referencing BOE/EUR-Lex/Diario Oficial) and mandates the agent to read and use that content to drive analysis and report generation, which could allow indirect prompt-injection from untrusted public pages;
Audit Metadata