skills/agenticstack-sh/agenticstack-skills/explore-category/Snyk

explore-category

Warn

Audited by Snyk on Jun 18, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.85). The required workflow fetches public web content at runtime from https://agenticstack.sh/api/json/categories and .../categories/{slug}, and then ingests the returned body, tools, comparisons, and feature_definitions (readable JSON/markdown) into the agent’s LLM context—an outsider-authored source.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.90). The skill issues runtime GET requests to https://agenticstack.sh/api/json/categories and https://agenticstack.sh/api/json/categories/{slug} and uses the returned JSON (including the body editorial content and feature definitions) to construct the agent's prompts/responses, so external content directly controls agent output.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 18, 2026, 03:26 PM

Issues

2

Security Audit — snyk — explore-category