weave
Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly pulls human-generated review content via pull_plan and pull_code_feedback (see SKILL.md and references/tools-plan.md / references/tools-code-review.md), which the agent must read and act on, so untrusted third-party user comments from the Weave web UI can materially influence its actions and enable indirect prompt injection.
Audit Metadata