Webdesign
Warn
Audited by Snyk on Jun 30, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). Outsider free text can enter the LLM context via
Workflows/WebsiteToRedesign.md→curl -sL "$URL" > "$OUT/original.html": the fetched live page HTML (public web content) is then used as input to Claude Design inDriveClaudeDesign.ts prompt "$(cat $OUT/brief.md)"(the brief is composed from that captured HTML/screenshot/critique), so arbitrary outsider-authored page text can be ingested.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The WebsiteToRedesign workflow fetches an arbitrary live page at runtime (e.g., curl -sL "$URL" > "$OUT/original.html") and then feeds that HTML/screenshot into the Claude Design brief, meaning user-supplied remote content is fetched during runtime and directly controls prompts given to the design model.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata