vss-manage-alerts
Warn
Audited by Snyk on Jun 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). The required runtime workflow for Slack notifications (Workflow E) ingests outsider-authored free text from Alert Bridge incident payloads (e.g.,
info.reasoning,info.prompt,category, etc.) into the webhook server, which then formats and sends that text to Slack; this incident content originates from external alerting/VLM outputs rather than the operating user’s own prompts/files.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The alert-notify playbook (references/alert-notify.md) requires a mandatory runtime pip install that fetches packages from PyPI (e.g. https://pypi.org/), which pulls remote code at skill startup into .pip-packages and is then imported/executed by the webhook server — a required runtime fetch that can execute remote code.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata