line-voice-agent

Warn

Audited by Snyk on May 18, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill documents and uses a built-in web_search tool that "Search[es] the web for real-time information" (SKILL.md Built-in Tools and multiple examples showing tools=[web_search], with fallback to DuckDuckGo), which causes the agent to fetch and incorporate untrusted public web content into LLM reasoning and tool-driven decisions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 18, 2026, 04:44 PM
Issues
1