web-archiving
Warn
Audited by Snyk on May 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly fetches and ingests arbitrary public web content (e.g., capture_as_evidence uses requests.get(url) and extract_title, save_to_wayback/search_archive_today call external archive sites, and ArchiveBox add with depth=1 follows page links), so untrusted, user-generated webpages can be read and their contents used to drive subsequent archiving actions and decisions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata