launch-feedback-synthesizer
Warn
Audited by Snyk on Jul 6, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.95). Outsider free text is ingested via the runtime “Reads” path: the skill pulls/accepts untrusted feedback exports such as launch-platform community threads, store reviews, feedback-board posts, and support-ticket text (from connectors like
scripts/connectors/hn.py/appstore.py/gdelt.pyor pasted exports), and then clusters representative verbatim quotes into the LLM context.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata