powerpoint-automation

Warn

Audited by Snyk on May 17, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses public web articles and arbitrary URLs as part of its required EXTRACT phase (see SKILL.md Quick Start "From Web Article", references/instructions/purpose-blog.instructions.md with curl/fetch steps, and references/instructions/common.instructions.md "Complete Extraction"), so the agent ingests untrusted, user-generated third‑party web content that directly produces content.json and drives subsequent tool actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 17, 2026, 10:54 AM
Issues
1
Security Audit — snyk — powerpoint-automation