ai-pm

Warn

Audited by Snyk on Jul 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 此 skill 的 REQUIRED runtime workflow 會呼叫 mcp-figma 解析「使用者提供的 Figma 連結/Node ID」,而該 Figma 內容屬於非操作用戶自編的外部來源(公開/第三方設計稿文本與節點屬性會被讀成可讀文字進入 LLM 上下文)。

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). 此 skill 在執行時明確要求並使用 Figma 連結(例如 https://www.figma.com/file/AbCdEf/insurance-portal?node-id=123:456)並透過 mcp-figma 於 runtime 抓取並解析遠端設計內容,該遠端內容直接決定 agent 的輸出(即生成 spec 與指令),因此構成會影響 prompt 的外部執行依賴。

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 6, 2026, 06:19 AM
Issues
2
Security Audit — snyk — ai-pm