powerpoint-automation
Warn
Audited by Snyk on May 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses public web articles and arbitrary URLs as part of its required EXTRACT phase (see SKILL.md Quick Start "From Web Article", references/instructions/purpose-blog.instructions.md with curl/fetch steps, and references/instructions/common.instructions.md "Complete Extraction"), so the agent ingests untrusted, user-generated third‑party web content that directly produces content.json and drives subsequent tool actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata