skills/rivet-dev/skills/chat-room/Snyk

chat-room

Warn

Audited by Snyk on Jun 16, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.85). The skill’s runtime path is the chat-room actor’s sendMessage(sender, text) action, where text is free-form client-authored input (outsider message content) that is then stored/broadcast as readable prose (message.text) into the actor’s context and event payloads.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 16, 2026, 08:44 AM

Issues

1

Security Audit — snyk — chat-room