podwise
Warn
Audited by Snyk on May 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and processes public third‑party content (e.g., YouTube and Xiaoyuzhou links and Podwise episode URLs) via commands like "podwise process " and "podwise ask "..." --sources" (see references/cli.md and workflows/topic-research.md), and those transcripts/summaries are read and used to drive triage, recommendations, and follow-up actions—creating a clear channel for indirect prompt injection.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill's installation instructions instruct the user to fetch-and-execute remote code (curl -sL https://raw.githubusercontent.com/hardhackerlabs/podwise-cli/main/install.sh | sh) and offer building from a cloned repo (git clone https://github.com/hardhackerlabs/podwise-cli.git), which would execute remote code as part of required CLI setup for the skill to run.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata