asset-discovery
Warn
Audited by Snyk on Apr 8, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to browse and inspect public Playdrop catalogue content (see SKILL.md "Find reusable code, assets, and packs from the public Playdrop catalogue" and commands like
playdrop browse,playdrop search,playdrop detail <ref> --json), which are public/user-generated assets the agent will read and use to make remixing/downloading decisions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata