smoke-test

Warn

Audited by Snyk on May 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's run loop and execution guide explicitly direct the agent to navigate to and validate a target URL supplied by the smoke file or the user (see "Resolve target URL" in references/execution.md and the SKILL.md run steps) using the browse tool, so it will load and interpret arbitrary external webpages whose content can influence authentication, case decisions, and subsequent tool actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 15, 2026, 02:07 AM
Issues
1
Security Audit — snyk — smoke-test