message-test-designer
Warn
Audited by Snyk on Jul 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill ingests user-provided candidate message variants (and possibly pasted canon/panel notes) as untrusted free text, and those variants are then included verbatim in the generated test design spec that is fed into the agent’s LLM context at runtime—this is outsider-authored free text when the user did not author the variants themselves.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata