iblai-search
Warn
Audited by Snyk on Jun 22, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The skill performs runtime HTTP reads from outsider-authored catalog/mentor content (e.g.,
GET /dm/api/search/orgs/{org}/users/{username}/mentors/andGET /dm/api/search/catalog/returndescription/datatext that is then ingested into the agent’s LLM context), which can include free-form text authored by other users/tenants.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata