agent-frameworks
Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's main workflow (SKILL.md) and agent_config.yaml explicitly include a "web_search"/Search tool ("Search the web") and ReAct/Plan-and-Execute examples in which the agent performs searches and uses the returned observations to decide its next actions; the docs also show an API wrapper using requests.get. This means the agent fetches and interprets open, public third-party content that can influence its behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The LangChain example calls hub.pull("hwchase17/react") at runtime to fetch an external prompt that is passed directly into create_react_agent, meaning external content (hwchase17/react) controls the agent's prompts.
Audit Metadata