product-manager-toolkit

Warn

Audited by Snyk on Jun 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The runtime workflow for interview analysis ingests the contents of interview.txt (passed as a file path argument) into the script as plain text (f.read()), and if that transcript is authored by an outsider, that outsider free text is then processed and included in the script’s output/LLM context; no such outsider source is excluded by the provided SKILL.md.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 23, 2026, 04:40 AM
Issues
1
Security Audit — snyk — product-manager-toolkit