construction-takeoff

Warn

Audited by Snyk on Jun 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). Outsider free text is ingested via the “Competitor Analysis (via Firecrawl)” stage: the workflow scrapes competitor webpages (public web content) at runtime and feeds the extracted page text into the agent’s LLM context for “Extracts competitor features and automation capabilities.”

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 21, 2026, 07:19 AM
Issues
1
Security Audit — snyk — construction-takeoff