oma-docs
Warn
Audited by Snyk on Jun 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). In sync mode, the runtime path is:
oma docs sync → CLI emits a candidate-doc list → the host LLM reads the outsider-authored free text of each candidate doc by loading docs/<doc> content (and also uses git diff text), which is not authored by the operating user/agent; this doc body text is then placed into the LLM context for patch drafting.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).