rag-implementation

Warn

Audited by Snyk on May 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's workflow and references explicitly describe retrieving and ingesting external corpus content (e.g., "retrieve", "retrieved chunks", "no_relevant_context fallback — web search" in SKILL.md §4–§5 and §9, and the corrective RAG control flow in references/compression-and-corrective.md), treat that retrieved content as untrusted, and rely on the LLM to read/grade/use those chunks to decide retrieval/fallback and generate answers—demonstrating the agent will consume untrusted third-party content that can influence actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 14, 2026, 11:15 AM
Issues
1
Security Audit — snyk — rag-implementation