uapi-get-network-whois
Warn
Audited by Snyk on Jul 9, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). 该 skill 的运行时会调用公开网络诊断接口
GET /network/whois,其返回字段whois可能包含“原始、未处理的WHOIS文本字符串”(外部域名注册信息文本),从而把非由操作用户撰写的自由文本内容进入 LLM 上下文。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata