seo-content-brief
Warn
Audited by Snyk on Jul 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). SKILL.md instructs runtime web research via
belt app run tavily/search-assistantandexa/search(public web content fetched/scraped at runtime), which can include outsider-authored free text that the agent then ingests into the LLM context for analysis.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill explicitly depends on the inference.sh CLI (https://inference.sh) and invokes remote apps via "belt app run" (e.g., tavily/search-assistant, exa/search) at runtime—meaning it calls remote services that execute code and produce the prompts/results the skill relies on (the install pointer to https://raw.githubusercontent.com/inference-sh/skills/refs/heads/main/cli-install.md is also referenced for runtime setup).
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata