pp-trustpilot

Warn

Audited by Snyk on May 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). This skill explicitly fetches public, user-generated Trustpilot reviews via the trustpilot-pp-cli (see commands like agent-bundle, top-recent, reviews, and search-reviews in SKILL.md), and those reviews are returned for agents to read and use to influence decisions, so untrusted third-party content can indirectly inject instructions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 20, 2026, 09:47 PM
Issues
1
Security Audit — snyk — pp-trustpilot