file-search
Warn
Audited by Snyk on May 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly instructs agents to hand off to and fetch external issue/PR/wiki/web content (see SKILL.md "Beyond Local Files" and references/remote-handoff.md which mention gh, Jira, WebFetch, Playwright), i.e., untrusted public user-generated sources the agent is expected to read and that can materially influence tool use and decisions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata