fsi-er-catalyst-calendar
Warn
Audited by Snyk on Jun 21, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The workflow ingests catalyst details from external sources at runtime (e.g., “verify against company IR pages and Bloomberg/FactSet closer to the date” and “conference attendance lists”), which are outsider-authored web/third-party text that can be fed into the agent’s LLM context via the “Gather Catalysts” → “Weekly Preview” generation steps.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata