webmcp-dev-patterns
Warn
Audited by Snyk on Mar 19, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's "Before writing code" instructions explicitly tell the agent to fetch live docs (e.g., https://developer.chrome.com/blog/webmcp) and to perform web-searches for community "webmcp development best practices patterns," which requires ingesting public third-party content (including user/community sources) that the agent is expected to read and that could influence its actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata