message-test-designer

Warn

Audited by Snyk on Jul 5, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill ingests user-provided candidate message variants (and possibly pasted canon/panel notes) as untrusted free text, and those variants are then included verbatim in the generated test design spec that is fed into the agent’s LLM context at runtime—this is outsider-authored free text when the user did not author the variants themselves.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 5, 2026, 04:15 PM
Issues
1
Security Audit — snyk — message-test-designer