epub

Warn

Audited by Snyk on Jul 3, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.95). At runtime, the skill reads the user-supplied EPUB file (a ZIP) and extracts its XHTML/HTML chapter bodies and TOC/nav content as text (e.g., loadEpub()zip.file(...).async("text") and getChapterContent()htmlToMarkdown(content)), which is outsider-authored free text embedded in the EPUB.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 3, 2026, 11:56 PM
Issues
1
Security Audit — snyk — epub