skills/ry-run/run-skills/grok-search/Snyk

grok-search

Warn

Audited by Snyk on May 6, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The skill explicitly uses web_fetch ("fetch and extract full page content") and web_map ("crawl site structure from a root URL") as required execution tools (see SKILL.md Execution tools and references/grok-search.md), so the agent ingests arbitrary public web pages that could contain untrusted, user-generated instructions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 6, 2026, 07:20 AM

Issues

1