skills/julianobarbosa/claude-code-skills/research-report/Snyk

research-report

Warn

Audited by Snyk on Jun 15, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.75). The skill reads output_dir/*.json produced by /research-deep (which can include outsider-authored web content or other third-party text) and then executes a generated script that ingests those JSON values as readable strings into {topic}/report.md via the LLM-driven report generation flow.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 15, 2026, 09:55 AM

Issues

1

Security Audit — snyk — research-report