Skills
skills/rolandsmeenk/lensstudioagents/lens-studio-user-context/Snyk

lens-studio-user-context

Warn

Audited by Snyk on Mar 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly reads untrusted, user-generated Poster data in the "Reading Poster data in Responder mode" section (dynamicResponse.getPosterData(...)) and uses that string to drive UI/logic, so third-party content from other users can materially influence behavior and enable indirect prompt injection.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 28, 2026, 04:20 PM
Issues
1