skills/lifangda/claude-plugins/langchain-architecture/Snyk

langchain-architecture

Warn

Audited by Snyk on Apr 9, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). Yes — SKILL.md explicitly shows loading a web search tool (load_tools(["serpapi", ...]) in the Quick Start) and RAG/document-loader patterns (RetrievalQA, document_loaders, DirectoryLoader) that ingest open/public or user-provided content which the agent reads and can use to choose actions, exposing it to untrusted third-party content.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 9, 2026, 04:00 AM

Issues

1

Security Audit — snyk — langchain-architecture