problem-analysis

Warn

Audited by Snyk on Apr 1, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly dispatches an external-check-agent that "MUST use WebSearch for every factor" (agents/external-check-agent.md) and the Data Gathering Pause instructs using WebSearch for publicly available evidence — results from those public web searches are ingested and merged into the logic tree and hypotheses, so untrusted third-party web content can directly influence agent decisions and next actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 1, 2026, 04:32 AM
Issues
1
Security Audit — snyk — problem-analysis