uapi-get-history-programmer
Warn
Audited by Snyk on Jun 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). 该 skill 运行时通过调用其封装的公开 API
GET /history/programmer获取“程序员历史事件”列表;该接口返回的文本属于第三方(UAPI)来源的内容,会被读入并进入代理 LLM 上下文,从而构成外部自由文本注入风险。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata