skills/zainhas/skills/together-audio/Snyk

together-audio

Warn

Audited by Snyk on Mar 30, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). This skill explicitly supports ingesting audio from public HTTP/HTTPS URLs (see references/stt-models.md "file = ... URL" and SKILL.md "Transcribe uploaded audio files or URLs"), so arbitrary third‑party audio content can be read and influence transcription-driven agent actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 30, 2026, 06:15 PM

Issues

1