link-rot-scanner
Warn
Audited by Snyk on Jun 25, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The skill fetches outsider-authored free text from the target site at runtime—specifically it retrieves
{base-url}/query-index.jsonor{base-url}/sitemap.xmland then fetches each page’s.plain.htmlto extract<a href>links—so the LLM context can include untrusted page content/metadata originating from parties other than the operating user.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata