datasource-provisioning
Warn
Audited by Snyk on Jun 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The workflow fetches plugin-authored schema/config text at runtime from Grafana’s public CDN endpoints (e.g.,
https://plugins-cdn.grafana.net/<PLUGIN_ID>/<VERSION>/public/plugins/<PLUGIN_ID>/schema/dsconfig.jsonandv0alpha1.json), which is outsider-authored free text that the agent will ingest into its LLM context to interpret fields.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill fetches plugin schemas and example configs at runtime (e.g., https://plugins-cdn.grafana.net/<PLUGIN_ID>//public/plugins/<PLUGIN_ID>/schema/dsconfig.json and calls to https://grafana.com/api/plugins) and uses that remote content as the authoritative source to determine which prompts/fields to present and how to build configs, so the external URLs directly control agent behavior.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata