twg-operational-health
Warn
Audited by Snyk on Jul 6, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The skill’s runtime workflow can ingest outsider-authored free text from incident/PIR artifacts—e.g., “Hydrate the selected incident/review pair with full fields and comments” and “Fetch the post-incident document only when fields/comments do not contain enough narrative,” where those comments/PIR narratives are typically written by non-operating-user participants—into the agent’s LLM context.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata