skills/witanlabs/witan-cli/read-source/Snyk

read-source

Warn

Audited by Snyk on Mar 26, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 1.00). The skill explicitly supports fetching and reading arbitrary public URLs (see "Read from URLs" and the Quick Reference example witan read https://example.com/report.pdf in SKILL.md), so untrusted third‑party web content is ingested and can influence downstream parsing and spreadsheet actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 26, 2026, 01:24 PM

Issues

1