skills/borski/travel-hacking-toolkit/tripadvisor/Snyk

tripadvisor

Warn

Audited by Snyk on Jun 14, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.95). Outsider-authored free text is ingested when the workflow calls TripAdvisor’s location/{locationId}/reviews endpoint, whose JSON includes text and title fields containing third-party review content; the LLM would read that response body as prompt context.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 14, 2026, 12:10 PM

Issues

1

Security Audit — snyk — tripadvisor