Skills
skills/toolshell/skills/javascript-sdk/Snyk

javascript-sdk

Warn

Audited by Snyk on Mar 7, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SDK documentation and agent patterns explicitly show agents fetching and using open web content — e.g., references/agent-patterns.md RAG pattern uses an appTool 'tavily/search-assistant' to "Search the web", references/tool-builder.md shows internalTools().webSearch(true), references/files.md permits using remote URLs (https://...) for inputs, and references/sessions.md demonstrates browser-automation visiting arbitrary URLs — so untrusted third-party content is ingested and can materially influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill examples include a skills entry with an external URL (https://example.com/skills/api-docs.md) which is intended to be loaded as reusable agent context and therefore would be fetched at runtime and could directly control prompts if malicious.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 7, 2026, 12:01 PM