skills/zephyrwang6/info-skill/web-scraper/Snyk

web-scraper

Warn

Audited by Snyk on Apr 30, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and scripts/fetch_url.py explicitly fetch and convert arbitrary external URLs (e.g., via "python3 scripts/fetch_url.py "), causing the agent to ingest untrusted, public web content that could contain instructions influencing downstream decisions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 30, 2026, 04:17 PM

Issues

1