Skills
skills/membranedev/application-skills/planyo-online-booking/Snyk

planyo-online-booking

Warn

Audited by Snyk on Apr 30, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md instructs the agent to connect via the Membrane CLI to a Planyo Online Booking connection and to list/run actions (e.g., "membrane connect --connectorKey planyo-online-booking" and "membrane action run ..."), which causes the agent to fetch and interpret third-party Planyo data (user-generated bookings/customers) that can directly influence subsequent actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 30, 2026, 12:52 PM
Issues
1