skills/martinholovsky/sota-skills/sota-code-security/Snyk

sota-code-security

Warn

Audited by Snyk on Jun 17, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.85). Skill runtime LLM context can be fed outsider-authored free text via the LLM/RAG/ingestion pipeline described in rules/08 (RAG chunks, scraped web pages, tool results) and rules/09 (scraped/webhook/uploaded content) reaching the model context for indirect prompt injection.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 17, 2026, 02:06 PM

Issues

1

Security Audit — snyk — sota-code-security