univer-team-standup
Warn
Audited by Snyk on May 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The Auto workflow's "Evidence sources" explicitly includes "Git and GitHub: commits, branches, PRs, issues, review comments, CI results" (Workflow: Auto / Collection rules), which are public/user-generated third-party contents that the agent must read and summarize and which directly influence priority, status, and write/submit decisions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill explicitly bootstraps required code at runtime (e.g.,
npx skills add dream-num/skillswhich pulls https://github.com/dream-num/skills andnpm install -g univer-cli@latestwhich installs remote npm package code) and those fetched repositories/packages are required dependencies that will install and run code locally, so they can execute remote code used by the agent.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata