neqsim-stid-retriever
Warn
Audited by Snyk on Jun 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The required runtime workflow can auto-fetch documents via the configured “Retrieval backend” (e.g., STID document management) and then converts/extracts their contents (PDF→PNG and
view_image) into the agent’s analysis context; those fetched documents are outsider-authored free text (vendor/plant documentation) not authored by the operating user.
MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
- Hidden Unicode characters detected (1 type(s) found)
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W021
MEDIUMHidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
Audit Metadata