skills/openaec-foundation/tauri-2-claude-skill-package/tauri-syntax-permissions/Snyk

tauri-syntax-permissions

Warn

Audited by Snyk on Apr 2, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). This skill's documentation (see "Pattern 7: Remote API Access" and "Example 7: Remote API Access" in SKILL.md) explicitly includes capability files with a "remote.urls" / remote webview configuration that allows arbitrary remote websites to be loaded and to call Tauri APIs, meaning untrusted third‑party content can influence runtime actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 2, 2026, 05:18 PM

Issues

1