student-feedback-retention-analysis

Warn

Audited by Snyk on Jun 13, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 该技能的运行时上下文由用户在 studentFeedbackText/retentionEventNotes/learnerCohortContext 等字段粘贴的“学员反馈、续费顾虑、退课原因、社群反馈或访谈摘录”组成,这些文本通常来自非操作用户(外部学员/他人),会被上下文拼接后送入 LLM(contextComposer)。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 13, 2026, 03:35 AM
Issues
1
Security Audit — snyk — student-feedback-retention-analysis