sales-replyagent
Warn
Audited by Snyk on Jun 14, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Outsider free text can enter the LLM context via the
/api/importworkflow: the skill ingests Reddit post content from user-supplied URLs (public web pages authored by third parties) and generatesgenerated_textfrom that thread context.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill includes runtime REST API calls to ReplyAgent (e.g., https://www.replyagent.ai/api/import and related https://www.replyagent.ai endpoints) which return AI-generated "generated_text" used as comment content—remote content that directly controls what is posted at runtime.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata