skills/nexu-io/html-video/frame-creative-voltage/Snyk

frame-creative-voltage

Warn

Audited by Snyk on Jun 13, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.85). This skill’s runtime LLM context is fed by the user-provided free-text inputs (display_lines, script, meta, caption) that are not authored by the operating user (outsider content), and those strings are rendered into the HTML/CSS/SVG (readable text) via the template’s input schema.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 13, 2026, 04:27 PM

Issues

1

Security Audit — snyk — frame-creative-voltage