skills/jeremylongshore/claude-code-plugins-plus-skills/apollo-core-workflow-a/Snyk

apollo-core-workflow-a

Warn

Audited by Snyk on May 25, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The skill explicitly calls Apollo's external public APIs (e.g., POST /mixed_people/api_search, /mixed_companies/search, /people/match, /people/bulk_match) and ingests returned contact/organization data which the workflow reads and uses to score leads and decide/enact enrichment, so untrusted third‑party content could materially influence agent actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 25, 2026, 07:16 AM

Issues

1

Security Audit — snyk — apollo-core-workflow-a