partner-google

Warn

Audited by Snyk on Jun 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (medium risk: 0.65). The skill’s required workflow ingests outsider-authored free text via the public A2A protocol guide path (https://www.frankx.ai/guides/agent-card-a2a-spec / /guides/agent-card-a2a-spec) or other public content surfaces, which are fetched/used at runtime as readable prose and can contain indirect prompt-injection payloads.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 14, 2026, 06:40 AM
Issues
1
Security Audit — snyk — partner-google