skills/alexei-led/cc-thingz/deploying-infra/Snyk

deploying-infra

Warn

Audited by Snyk on May 4, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The skill's Step 5 ("Research Best Practices") explicitly instructs the agent to query Perplexity for current best practices, which fetches and ingests open web content (third‑party, potentially user-generated) that the agent is expected to read and could materially influence deployment decisions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 4, 2026, 04:17 AM

Issues

1

Security Audit — snyk — deploying-infra