pp-espn
Warn
Audited by Snyk on May 24, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches live data from ESPN's public endpoints (e.g., espn-pp-cli today, summary, news, sync) which the agent ingests in --agent mode and uses those responses to drive follow-up commands (e.g., selecting games to watch), so untrusted third-party content from ESPN/public news endpoints could indirectly influence agent actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata