golang-samber-ro

Warn

Audited by Snyk on May 19, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's core documentation and examples (SKILL.md and references/plugin-ecosystem.md and references/patterns.md) explicitly show creating observables from external sources like HTTP (plugins/http), WebSocket/stream sources, and file-watch/I/O plugins—i.e., ingesting arbitrary third-party URLs and stream data that the pipeline reads and acts on—so untrusted external content can directly influence runtime behavior.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 19, 2026, 01:39 PM
Issues
1
Security Audit — snyk — golang-samber-ro