ai-pm
Warn
Audited by Snyk on Jul 6, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 此 skill 的 REQUIRED runtime workflow 會呼叫
mcp-figma解析「使用者提供的 Figma 連結/Node ID」,而該 Figma 內容屬於非操作用戶自編的外部來源(公開/第三方設計稿文本與節點屬性會被讀成可讀文字進入 LLM 上下文)。
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). 此 skill 在執行時明確要求並使用 Figma 連結(例如 https://www.figma.com/file/AbCdEf/insurance-portal?node-id=123:456)並透過 mcp-figma 於 runtime 抓取並解析遠端設計內容,該遠端內容直接決定 agent 的輸出(即生成 spec 與指令),因此構成會影響 prompt 的外部執行依賴。
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata