skills/lebsral/dspy-programming-not-prompting-lms-skills/ai-coordinating-agents/Snyk

ai-coordinating-agents

Warn

Audited by Snyk on May 13, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill explicitly calls web retrievers and search tools (e.g., the search_web function in SKILL.md and DuckDuckGoSearchRun / retriever(...).passages in examples.md) so agents ingest arbitrary public web/search results which are untrusted third-party content and can influence routing, decisions, and actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 13, 2026, 06:45 PM

Issues

1