skills/openshift/lightspeed-service/resolve-cve/Snyk

resolve-cve

Warn

Audited by Snyk on May 16, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to use WebSearch to look up the CVE on the public NVD (e.g., "CVE-2026-33231 NVD") to obtain the CVSS score, meaning it fetches and interprets content from an open/public third-party site that can influence the assessment and subsequent actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 16, 2026, 11:32 AM

Issues

1

Security Audit — snyk — resolve-cve