supplier-delivery-risk-summary
Warn
Audited by Snyk on Jun 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). 该技能的运行时上下文由用户提供的自由文本字段
supplierDeliveryText(以及可能的supplierPortalLink/上传文件转成文本)进入 LLM;其中supplierDeliveryText属于“操作用户选择粘贴的外部材料/供应商沟通记录”,属于外部作者的自由文本,存在间接提示注入风险。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata