ai-execute-task
Warn
Audited by Snyk on Jul 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). Outsider-authored free text is ingested via the runtime “Read the PRD, tech spec, tasks, and the specific NN-task.md with the Read tool” path from Obsidian vault files (e.g.,
engineering/<project>/workplans/<feature>/prd.md,tech-spec.md,tasks.md, andNN-task.md), which are not guaranteed to be authored by the operating user.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata