uapi-get-history-programmer

Warn

Audited by Snyk on Jun 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (medium risk: 0.65). 该 skill 运行时通过调用其封装的公开 API GET /history/programmer 获取“程序员历史事件”列表;该接口返回的文本属于第三方(UAPI)来源的内容,会被读入并进入代理 LLM 上下文,从而构成外部自由文本注入风险。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 16, 2026, 06:30 PM
Issues
1
Security Audit — snyk — uapi-get-history-programmer