sales-yoast
Warn
Audited by Snyk on Apr 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md and references/platform-guide.md) explicitly instructs the agent to fetch and parse Yoast REST endpoints such as GET /wp-json/yoast/v1/get_head?url={page-url} / yoast_head_json from arbitrary WordPress/Shopify sites, which are untrusted, user-controlled web content that the agent reads and uses to make decisions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata