skills/jianshuo/claude-skills/wjs-teaching-english/Snyk

wjs-teaching-english

Warn

Audited by Snyk on May 21, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill's build flow calls the deployed search-app (https://search-app-three-kappa.vercel.app) /api/playlist and fetches season2 clip COS URLs to assemble the HLS supercut, meaning it ingests public third-party media/metadata as part of its runtime workflow.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 21, 2026, 12:58 AM

Issues

1

Security Audit — snyk — wjs-teaching-english