skills/delorenj/google-agent-skills/context-engineering/Snyk

context-engineering

Warn

Audited by Snyk on Apr 16, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs loading external docs and MCP integrations that "auto-fetches relevant documentation for libraries" (Context7) and GitHub issue/PR/repo context, showing the agent will ingest untrusted public third-party content as part of its workflow that can influence actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 16, 2026, 10:10 AM

Issues

1