refero-design
Warn
Audited by Snyk on Jun 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The skill’s runtime LLM context can include outsider-authored free text when it uses Refero MCP tools like
refero_search_styles,refero_get_style,refero_search_screens,refero_get_screen, orrefero_get_flow, because those tools return natural-language descriptions and on-screen/copy text extracted from third-party web/app sources that the operating user did not author.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata