steve-jobs-perspective

Warn

Audited by Snyk on May 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). SKILL.md 的 REQUIRED workflow 在 Step 2 明确要求运行时使用 WebSearch 等工具获取“真实信息/用户评价/评测/网页内容”,这些来自公共网页的抓取文本属于外部作者的自由文本,会被读入并进入代理的 LLM 上下文。

MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

  • Hidden Unicode characters detected (1 type(s) found)

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W021
MEDIUM

Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 29, 2026, 02:44 PM
Issues
2
Security Audit — snyk — steve-jobs-perspective