feed-ft
Fail
Audited by Snyk on Jun 16, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E004: Prompt injection detected in skill instructions.
- Potential prompt injection detected (high risk: 1.00). The adapter claims "headlines only" yet embeds explicit, out-of-scope instructions to bypass paywalls (e.g., spoof Googlebot UA, use a 'bypass-paywalls-clean' Chrome extension and archive workarounds), which are deceptive and exceed the skill's stated purpose.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). Runtime path: the skill fetches FT RSS (
https://www.ft.com/rss/home//rss/markets) and ingestschannel > itemfields liketitle,link,pubDate, and optionallydescription—these are publisher-provided text from an external third party (Financial Times) that the operating user did not author.
MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
- Hidden Unicode characters detected (1 type(s) found)
Issues (3)
E004
CRITICALPrompt injection detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W021
MEDIUMHidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
Audit Metadata