skills/pskoett/pskoett-skills/plan-interview/Snyk

plan-interview

Warn

Audited by Snyk on May 17, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill's Knowledge Audit explicitly instructs the agent to "load" user-provided references (e.g., "docs URL, API spec, example") before planning, which means the agent will fetch and interpret arbitrary third-party URLs/content that can influence planning and tool use.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 17, 2026, 07:56 AM

Issues

1

Security Audit — snyk — plan-interview