problem-analysis
Warn
Audited by Snyk on Apr 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly dispatches an external-check-agent that "MUST use WebSearch for every factor" (agents/external-check-agent.md) and the Data Gathering Pause instructs using WebSearch for publicly available evidence — results from those public web searches are ingested and merged into the logic tree and hypotheses, so untrusted third-party web content can directly influence agent decisions and next actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata