Skills
skills/magic-meal-kits/mmk-skills/mmk-notion-database-ai-summary/Snyk

mmk-notion-database-ai-summary

Warn

Audited by Snyk on Mar 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and processes user-generated Notion content via commands like "mmk notion database query" and "mmk notion database ai-summary" (Steps 1–4), meaning it ingests untrusted third-party pages from a Notion database and uses that content to drive AI summarization and write actions, which could enable indirect prompt injection.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 15, 2026, 04:27 PM
Issues
1