image-workflow

Warn

Audited by Snyk on Apr 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The workflow explicitly calls the sub-skill "rebyteai/internet-search" in Step 2 ("Research References (if needed)"), instructing the agent to fetch and use public web references (brand logos, artists, real products, trends), which are untrusted third-party sources that the agent will read and act on to inform generation decisions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 16, 2026, 05:39 PM
Issues
1
Security Audit — snyk — image-workflow