sales-youscan
Warn
Audited by Snyk on Jun 14, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Runtime LLM context can include outsider-authored free text from YouScan webhook payloads (e.g.,
title/textfields from third-party social posts) when the skill forwards mention data into the agent’s prompt; this is an indirect prompt-injection path via external user-generated content.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata