skills/housegarofalo/claude-code-base/copilot-studio/Snyk

copilot-studio

Warn

Audited by Snyk on Mar 15, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill's "Knowledge Sources" instructions explicitly allow adding Public websites ("Crawl up to 4 levels from a URL" and "Website: Enter root URL, set crawl depth (1-4)"), which the copilot indexes and uses for generative answers, so untrusted third-party web content can be ingested and influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Potentially malicious external URL detected (high risk: 0.70). The skill's website embed snippet loads and executes remote JavaScript at runtime from https://cdn.botframework.com/botframework-webchat/latest/webchat.js, which is a required external dependency and therefore can execute remote code in the agent environment.

Issues (2)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012

MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 15, 2026, 11:08 AM

Issues

2

Security Audit — snyk — copilot-studio