skills/agenticstack-sh/agenticstack-skills/compare-tools/Snyk

compare-tools

Warn

Audited by Snyk on Jun 18, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.75). The skill calls AgenticStack’s runtime compare endpoint (/api/json/tools/compare?...) and ingests the returned editorial_comparison.body markdown prose into the agent context; that prose is outsider-authored editorial content from a third-party site (public web content fetched at runtime).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill instructs the agent to fetch AgenticStack endpoints at runtime (e.g. https://agenticstack.sh/api/json/tools/compare?tools={slugA},{slugB} and https://agenticstack.sh/api/json/tools) and use the returned feature_definitions and editorial_comparison.body directly to build the comparison output, meaning remote content controls the agent's output/prompting.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 18, 2026, 03:26 PM

Issues

2

Security Audit — snyk — compare-tools