turbo
Warn
Audited by Snyk on Mar 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill instructs the agent/runtime to fetch and process HTML and real-time stream messages from arbitrary URLs (e.g., turbo-frame src="/..." and turbo-stream-source src="wss://example.com/updates" / Mercure subscriptions) so untrusted or user-generated third‑party responses can be ingested and executed as Turbo stream/frame actions that can change behavior beyond mere display.
Audit Metadata