zentao-tour

Warn

Audited by Snyk on Jun 30, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.72). 该技能在运行时主要通过 zentao profilezentao product/task/story/... 等 zentao-cli 命令拉取禅道“当前账号/项目/任务/需求/用例/BUG”等数据并把返回的 Markdown/JSON 文本喂给代理模型;这些内容属于禅道系统中由“非操作用户”产生的记录正文/字段(如他人创建的需求、Bug 标题/描述、测试步骤等),属于“OUTSIDER-AUTHORED FREE TEXT/文本字段”经由运行时 API/CLI 输出进入 LLM 上下文的间接提示注入风险。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 30, 2026, 02:11 AM
Issues
1
Security Audit — snyk — zentao-tour