pp-spotify
Warn
Audited by Snyk on May 19, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill drives the Spotify Web API and explicitly ingests public, user-generated content (e.g., the "discover via-playlists" command that searches public playlists and other "browse" endpoints) which the agent is expected to read and act on as part of its workflow, so untrusted third-party content could influence subsequent tool use.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata