asset-discovery

Warn

Audited by Snyk on Apr 8, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to browse and inspect public Playdrop catalogue content (see SKILL.md "Find reusable code, assets, and packs from the public Playdrop catalogue" and commands like playdrop browse, playdrop search, playdrop detail <ref> --json), which are public/user-generated assets the agent will read and use to make remixing/downloading decisions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 8, 2026, 06:39 PM
Issues
1
Security Audit — snyk — asset-discovery