x-mastery-mentor

Warn

Audited by Snyk on May 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 在场景E“账号诊断与数据采集”中,Skill会通过 computer-use/浏览器工具打开 https://x.com/{username} 并滚动截图、read_page/DOM提取近100条推文的“文本”等可读内容(外部作者的推文正文),随后将其整理成 tweets_{date}.md/json 并用于生成诊断报告,从而把OUTSIDER文本喂入LLM上下文。

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill's Scene E explicitly uses the computer-use tool to open and scrape https://x.com/{username} at runtime (screenshot/scroll/DOM extraction) and then injects that fetched tweet data into the agent's analysis/reporting pipeline, so the external URL is fetched during runtime and directly controls the agent's outputs.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 28, 2026, 03:00 PM
Issues
2
Security Audit — snyk — x-mastery-mentor