Skills
skills/sundial-org/awesome-openclaw-skills/travel-concierge/Snyk

travel-concierge

Warn

Audited by Snyk on Mar 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the CLI to scrape and browser-automate public accommodation listing pages (e.g., Airbnb, Booking.com, VRBO, Expedia) to extract contact details, so the agent will fetch and interpret untrusted, user-generated third-party web content.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 23, 2026, 05:54 PM
Issues
1