knowledge-base-launch-quality-check

Warn

Audited by Snyk on Jun 13, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.72). 该技能在运行时会摄取用户提供的知识库材料(kbArticleSetText 粘贴文本、kbExportFile 上传的导出内容、kbPreviewLink 指向的公开页面/文档内容)并进入 contextComposer 供 LLM 生成诊断,因此存在“外部作者自由文本”通过这些输入被读入的间接提示注入风险。

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The provided runner (scripts/run.py) makes runtime POST requests to the external AI Skills API at https://ai-skills.ai (AISKILLS_BASE_URL, calling /api/execute), so execution and prompt/instruction logic is controlled by that remote endpoint which the skill depends on.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 13, 2026, 03:33 AM
Issues
2
Security Audit — snyk — knowledge-base-launch-quality-check