claude-agent-sdk
Warn
Audited by Snyk on May 19, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly enables fetching and interpreting arbitrary public web content—e.g., the built-in WebSearch/WebFetch tools described in references/built-in-tools.md and the browser-control flows (Chrome extension and agent-browser) in references/browser-control.md and the research-agent examples—so the agent will read and act on untrusted third‑party web pages that could carry indirect prompt injections.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata