alibabacloud-nas-mount-diagnosis

Warn

Audited by Snyk on Jun 25, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). The required runtime workflow ingests outsider-authored free text via the user-provided “Error message” and “Mount command” fields (Step 1), which are not authored by the operating user and are passed into the agent/LLM context for diagnosis.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).


MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs running privileged and state-changing operations (e.g., sudo mount, mkdir on root mounts, echo >> /etc/modprobe.d/..., systemctl enable remote-fs.target, registry edits, running privileged inspection scripts and requiring container root/privileged mode), which require elevated/sudo access and modify system files/settings, so it poses a risk of changing the machine state.

Issues (3)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 25, 2026, 09:43 AM
Issues
3
Security Audit — snyk — alibabacloud-nas-mount-diagnosis