Skills
skills/hanzhcn/laohan-skills/laohan-redian/Snyk

laohan-redian

Warn

Audited by Snyk on Jun 12, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). 路 3 运行 node douyin-ai.js,该脚本在运行时从抖音公开 API 拉取 word_list(含标题/文本字段),这些“非用户选择引入的第三方内容”会被脚本解析并作为可读文本/字段进入后续 LLM 上下文(用于生成热点简报)。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 12, 2026, 11:03 PM
Issues
1
Security Audit — snyk — laohan-redian