sales-yoast

Warn

Audited by Snyk on Apr 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md and references/platform-guide.md) explicitly instructs the agent to fetch and parse Yoast REST endpoints such as GET /wp-json/yoast/v1/get_head?url={page-url} / yoast_head_json from arbitrary WordPress/Shopify sites, which are untrusted, user-controlled web content that the agent reads and uses to make decisions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 20, 2026, 06:38 PM
Issues
1
Security Audit — snyk — sales-yoast