cargo-orchestration

Warn

Audited by Snyk on May 13, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly documents and examples using third‑party "connector" nodes (references/nodes.md and references/actions.md) — including HTTP and Clearbit integrations — and shows agents given actions/resources (references/agents.md) so the agent can fetch and ingest arbitrary external API/web content and use those outputs in downstream node logic, which could enable indirect prompt injection from untrusted public sources.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 13, 2026, 12:23 PM
Issues
1