Warn
Audited by Snyk on Mar 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to navigate, snapshot, and extract links from public Reddit pages (e.g., camofox navigate https://www.reddit.com and https://old.reddit.com/r/test/comments/POST_ID/), meaning it fetches and reads user-generated, untrusted third‑party content which can directly influence which links/actions (clicks, comments, replies) the agent performs.
Audit Metadata