opc-legal-counsel

Warn

Audited by Snyk on May 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md and references/ai-compliance.md explicitly instruct the agent to perform official retrieval and directed verification of public sources (e.g., “提示后续 AI 去做官方检索 / 定向核验”, “核验上游模型备案状态 / 登录国家网信办官网”), requiring the agent to fetch and read open/public third‑party pages (model registries, service terms, announcements) whose content will materially affect decisions (launch, compliance, actions).

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 20, 2026, 04:24 AM
Issues
1
Security Audit — snyk — opc-legal-counsel