paper-know-journal

Warn

Audited by Snyk on Jun 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 该 skill 的“调研”步骤会联网抓取/摘录期刊官网、投稿系统、SciRev/LetPub/论坛等网页的可读正文并写入 sources.json/报告;这些均属于运行时引入的“公共 web 内容/第三方作者的自由文本”,从而可能进入代理的 LLM 上下文形成间接提示注入风险。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 21, 2026, 02:37 PM
Issues
1
Security Audit — snyk — paper-know-journal