voice-dossier-builder
Warn
Audited by Snyk on Jul 6, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). High likelihood: the runtime workflow ingests the user-provided “last 30 LinkedIn posts and 10 founder tweets” / “published 笔记 (user export attached)” and other pasted exports/screenshots as untrusted text, and those exports can contain outsider-authored free-form content (e.g., comments/mentions/quoted text within the posts) that the skill then extracts and cites into the LLM context and the generated voice dossier/few-shot bank.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata