transcript-promotion
Warn
Audited by Snyk on Jun 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Outsider-authored free text is ingested from the runtime JSONL transcript file (
--jsonl ~/.claude/projects/<scope>/<project-uuid>.jsonl), which contains prior assistant/user conversation content not authored by the operating user; Phase 1 extracts assistant text from.message.content[].textand Phase 2/3 write it into the LLM-visible plan-file context.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata