skills/kappaemme-git/local-client-prospector-skill/local-client-prospector/Snyk

local-client-prospector

Warn

Audited by Snyk on May 15, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The SKILL.md "Browser Research Workflow" requires using the integrated browser to search and inspect public directories, business pages, social pages, and search results (e.g., Google Maps, Facebook/Instagram, Linktree) to classify sites and fill lead fields, which clearly ingests untrusted third‑party web content that can influence agent decisions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 15, 2026, 09:58 PM

Issues

1

Security Audit — snyk — local-client-prospector