literature-mentor

Warn

Audited by Snyk on Jun 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (medium risk: 0.65). 该 skill 的运行时 LLM 上下文主要来自用户选择的论文全文/图表文字(通过 Zotero MCP 等“纯文本通道”读取),而当 Zotero/web fallback 获取到的论文内容属于“非操作用户作者”的外部文献正文/图例/表格时,就会把这些外部自由文本喂入 LLM;因此存在 outsider-authored free text 的间接提示注入风险。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 23, 2026, 07:48 AM
Issues
1
Security Audit — snyk — literature-mentor