product-manager-toolkit
Warn
Audited by Snyk on Jun 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The runtime workflow for interview analysis ingests the contents of
interview.txt(passed as a file path argument) into the script as plain text (f.read()), and if that transcript is authored by an outsider, that outsider free text is then processed and included in the script’s output/LLM context; no such outsider source is excluded by the provided SKILL.md.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata