knowledge-base-launch-quality-check
Warn
Audited by Snyk on Jun 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.72). 该技能在运行时会摄取用户提供的知识库材料(kbArticleSetText 粘贴文本、kbExportFile 上传的导出内容、kbPreviewLink 指向的公开页面/文档内容)并进入 contextComposer 供 LLM 生成诊断,因此存在“外部作者自由文本”通过这些输入被读入的间接提示注入风险。
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The provided runner (scripts/run.py) makes runtime POST requests to the external AI Skills API at https://ai-skills.ai (AISKILLS_BASE_URL, calling /api/execute), so execution and prompt/instruction logic is controlled by that remote endpoint which the skill depends on.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata