entity-compliance
Warn
Audited by Snyk on May 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and parses user-supplied third-party compliance reports in Mode 3b ("/corporate-legal:entity-compliance --update --from-report" — reading CT Corp/National Registered Agents or similar PDF/CSV/Excel reports) and uses that untrusted content to update tracker fields and statuses, which directly influence subsequent decisions and actions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata