announcement-analysis

Warn

Audited by Snyk on Jun 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (medium risk: 0.65). 该技能在 Step 1/3/数据不完整时会调用 web_search(以及可能的 web_fetch)补充公告原文/舆情;这些来自公共网页的自由文本会被读入并进入 LLM 上下文,属于“公共 web 内容在运行时抓取/检索后被模型读取”的外部来源。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 29, 2026, 06:41 AM
Issues
1
Security Audit — snyk — announcement-analysis