unbroker
Warn
Audited by Snyk on Jul 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). At runtime, the skill uses
web_extract/browser_navigateto fetch and parse outsider-authored free text from public broker/people-search pages (e.g.,pdd.py next→scan_inline/fanout_scan→ methods.md ladder), and that extracted page text is ingested into the agent’s LLM context for parsing/evidence.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill's runtime refresh (scripts/badbool.fetch / refresh-brokers) pulls and parses the remote BADBOOL markdown from https://raw.githubusercontent.com/yaelwrites/Big-Ass-Data-Broker-Opt-Out-List/master/README.md, and that fetched content is merged into the broker DB and per-site playbooks which directly control the agent's scanning/opt-out steps and prompts.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata