skills/bobmatnyc/claude-mpm-skills/internal-comms/Snyk

internal-comms

Warn

Audited by Snyk on Jun 16, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.75). The required workflow uses runtime “Gather information” from outsider-authored sources like Slack posts, Google Drive docs, and emails (e.g., other team members’ messages), which are free-form text not authored by the operating user and can be ingested into the LLM context.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 16, 2026, 04:19 PM

Issues

1

Security Audit — snyk — internal-comms