skills/sumsubstance/agent-skills/sumsub-check-permissions/Snyk

sumsub-check-permissions

Warn

Audited by Snyk on Jun 12, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.85). The required workflow calls Sumsub’s API at runtime and ingests the returned JSON body (including human-readable entitlement descriptions) into the agent context; this is outsider-authored free text from a third-party service response.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 12, 2026, 09:58 PM

Issues

1

Security Audit — snyk — sumsub-check-permissions