legal-ocr

Warn

Audited by Snyk on Jun 30, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 运行时会把“PaddleOCR / MinerU 服务端返回的 OCR 文本与 Markdown(resultUrl/jsonl_url/full_zip_url 解压后的 full.md 等)”作为可读文本写入并继续用于后处理与输出(如 paddle_ocr.pyparse_jsonl_markdown()mineru_ocr.py_download_zip_and_extract() 读取 full.md),这些文本属于非操作用户/非本地作者的外部来源。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 30, 2026, 08:05 AM
Issues
1
Security Audit — snyk — legal-ocr