frontend-design
Warn
Audited by Snyk on Jun 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). Skill runtime context is composed from user-provided fields like
materialUrl(public page link) andmaterialText/materialFile; if the operating user supplies an outsider-authored page/message/document, its readable text can be ingested into the LLM via the skill’s context composer (x-layout.mode: contextComposer, required-any-of includesmaterialText/materialFile/materialUrl).
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata