kaiyu-qichacha-fetcher

Warn

Audited by Snyk on Jun 13, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 运行时 LLM 上下文会包含企查查 API 返回的 Result/Message 等字段(通过 duediligence.render_markdown() 把 JSON 数据嵌入 markdown 并返回给用户/LLM),而这些文本来自外部第三方数据源(企查查 OpenAPI),属于“外部系统返回的自由文本/记录内容”。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 13, 2026, 01:24 PM
Issues
1
Security Audit — snyk — kaiyu-qichacha-fetcher