audio-transcription

Warn

Audited by Snyk on May 18, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly downloads and ingests arbitrary public web media and provider output URLs as part of its core workflow — e.g., _postplus_shared/00-core/.../download_videos_from_manifest_with_ytdlp.mjs uses item.sourceUrl with yt_dlp, scripts/_shared.mjs's resolveProviderMediaInput accepts https:// URLs, and downloadProviderOutputs calls fetch(remoteUrl) — so untrusted third‑party content is read and can influence transcription and downstream actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). This skill makes runtime calls to the PostPlus hosted API (e.g. ${config.apiBaseUrl}/api/postplus-cli/hosted/capability and ${auth.apiBaseUrl}/api/postplus-cli/auth/refresh), and the remote responses may include productError.quoteConfirmation / agentAction fields (confirmationCommand, retryCommandTemplate) that are injected into agent error handling and used as agent instructions, so external content fetched at runtime can directly control agent prompts/commands and the skill depends on that hosted endpoint.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 18, 2026, 04:51 PM
Issues
2
Security Audit — snyk — audio-transcription