newsletter-digest
Warn
Audited by Snyk on May 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's fetch-feeds.js (Step 2 in SKILL.md) reads RSS feeds listed in feeds.json from public websites and writes article summaries to /tmp/newsletter-digest-articles.json which are then embedded verbatim into the Gemini synthesis prompt (Step 4), so arbitrary, untrusted third‑party feed content can directly influence generation and publishing decisions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's runtime fetch script loads external RSS feeds (e.g. https://feeds.feedburner.com/TheHackersNews, https://hnrss.org/frontpage, https://www.infoq.com/feed/, https://changelog.com/feed, https://css-tricks.com/feed/) and injects the fetched article titles/excerpts directly into the Gemini synthesis prompt, so remote content fetched at runtime can directly control model instructions and is a required dependency.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata