marketing-public-relations
Warn
Audited by Snyk on Jul 3, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The skill’s runtime workflow for “newsjacking” and “journalist pitching” uses browser-driven research (e.g.,
dev-browserto open Google News/outlet pages and scrape recent articles/bylines), which ingests outsider-authored free text from public web pages into the agent’s LLM context.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). The skill's newsjacking workflow contains explicit runtime fetches (curl) of live content that feed the agent's detection/angle generation—e.g. https://news.google.com/rss/search?q=QUERY (also hn.algolia.com and https://www.reddit.com/r/SUBREDDIT/top.json)—so external content fetched at runtime can directly control agent prompts/outputs.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata