zsxq-shared
Warn
Audited by Snyk on May 19, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md instructs the agent to call and read live user-generated content via zsxq-cli API commands (e.g., "zsxq-cli api call search_groups", "zsxq-cli api call get_user_footprints", and "zsxq-cli api raw --method GET --path /v2/groups/.../topics"), which fetches untrusted third-party forum/group/topic content that the agent is expected to interpret and could materially influence subsequent actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata