skills/aroyburman-codes/pm-skills/user-research-synthesis/Snyk

user-research-synthesis

Warn

Audited by Snyk on May 11, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The skill's "Input Formats Supported" explicitly instructs users to paste raw interview notes, survey results, support tickets, and app store reviews—untrusted, user-generated or public third‑party content—which the agent is expected to read and interpret to generate recommendations, so that content can materially influence its actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 11, 2026, 05:11 PM

Issues

1

Security Audit — snyk — user-research-synthesis