Skills
skills/velt-js/agent-skills/velt-comments-best-practices/Snyk

velt-comments-best-practices

Warn

Audited by Snyk on May 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill instructs the agent to ingest and act on user-generated comment annotations fetched from the Velt service (e.g., via useCommentAnnotations, client.getCommentElement(), VeltCommentsSidebar handlers and VeltProvider/VeltComments examples) and explicitly uses those annotations' context/location to drive actions like navigation or seeking, so untrusted third-party content can influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill includes an HTML runtime loader that fetches and executes remote JavaScript from https://cdn.velt.dev/lib/sdk@latest/velt.js (via a ), which is a required SDK dependency and thus executes remote code at runtime.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 14, 2026, 05:33 AM
Issues
2