cargo-orchestration
Warn
Audited by Snyk on May 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly documents and examples using third‑party "connector" nodes (references/nodes.md and references/actions.md) — including HTTP and Clearbit integrations — and shows agents given actions/resources (references/agents.md) so the agent can fetch and ingest arbitrary external API/web content and use those outputs in downstream node logic, which could enable indirect prompt injection from untrusted public sources.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata