skills/stellar/stellar-core/subsystem-summary-of-historywork/Snyk

subsystem-summary-of-historywork

Warn

Audited by Snyk on Apr 29, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill downloads and parses files from remote history archives (e.g., GetRemoteFileWork/GetAndUnzipRemoteFileWork and GetHistoryArchiveStateWork fetch and parse HAS JSON and XDR files from history archives) and uses that content to drive verification, publish, and adopt flows, so untrusted archive content can materially influence subsequent actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 29, 2026, 10:09 AM

Issues

1

Security Audit — snyk — subsystem-summary-of-historywork