spots
Warn
Audited by Snyk on Feb 21, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the tool queries the Google Places API (and fetches place data and user reviews via commands like "spots reviews") which are external, user-generated/public third-party content that the agent reads and uses to filter/select results (min-rating, reviews, exports), enabling indirect instruction influence from those sources.
Audit Metadata