self-improving-loop

Warn

Audited by Snyk on Jun 17, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Stage 1에서 mcp__langfuse__query_traces로 Langfuse trace를 조회하며, trace에는 “프롬프트, 응답, user_feedback” 등 텍스트가 포함되어 LLM 컨텍스트에 들어갈 수 있으므로(외부 사용자/제3자 작성 메시지 포함 가능) outsider free text가 간접 주입될 위험이 있습니다.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 17, 2026, 01:28 AM
Issues
1
Security Audit — snyk — self-improving-loop