OSINT
Warn
Audited by Snyk on Jun 30, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.78). The OSINT workflows (e.g.,
Workflows/CompanyLookup.mdPhase 6 /Workflows/DomainLookup.mdPhase 8 /Workflows/EntityLookup.mdPhase 4) deploy external researcher agents (Perplexity/Claude/Gemini/Grok) that at runtime fetch and summarize public web content from outsider-authored sources (e.g., arbitrary pages/results from sites like Google News, GDELT, VirusTotal, Shodan, etc.), which then becomes readable free text in the agents’ LLM context—an indirect prompt-injection exposure path.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata