remediating-with-aws-security-agent
Warn
Audited by Snyk on Jun 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). Outsider-authored free text is ingested into the LLM context via AWS Security Agent API responses in Stage 2/3—specifically the exported finding fields (e.g.,
description,reasoning,attackScript,remediationCode) returned bylist-findings/batch-get-findingsand then read back from.security-agent/for triage, where those fields can contain exploit/reproduction text authored by the scanning system rather than the operating user.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata