sales-email-tracking
Warn
Audited by Snyk on May 19, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to fetch and read platform SKILL.md files from a public GitHub URL (e.g., https://raw.githubusercontent.com/sales-skills/sales/main/skills/{skill-name}/SKILL.md) as part of its required "Before recommending a specific platform skill" workflow, meaning untrusted third‑party content is fetched and can directly influence tool selection and subsequent actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). This skill explicitly instructs the agent at runtime to WebFetch SKILL.md from raw GitHub (e.g. https://raw.githubusercontent.com/sales-skills/sales/main/skills/{skill-name}/SKILL.md), and that fetched text is then used to ground and directly control the agent's prompts/recommendations.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata