building-pydantic-ai-agents

Warn

Audited by Snyk on May 19, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly enables provider-native and provider-adaptive web access (e.g., WebSearch, WebFetch, WebSearchTool and duckduckgo_search_tool) in references/CAPABILITIES-AND-HOOKS.md, references/NATIVE-TOOLS.md, and references/TOOLS-CORE.md, so agents are expected to fetch and interpret open/public web content (search results and fetched URLs) which can materially influence decisions and tool use.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 19, 2026, 05:53 PM
Issues
1
Security Audit — snyk — building-pydantic-ai-agents