paddle-ocr
Warn
Audited by Snyk on May 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and processes arbitrary remote URLs (file_url) — e.g., scripts/layout_caller.py and lib.parse_document support a --file-url flow (shown in SKILL.md examples) and save_images can download image URLs — so untrusted third‑party documents/images are fetched and their extracted text/images are interpreted and written into outputs, which can materially influence downstream behavior.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata