product-manager-toolkit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The runtime LLM context can be fed outsider-authored free text when the user supplies an interview.txt transcript to scripts/customer_interview_analyzer.py, since that file’s contents (customer/interviewer quotes) are arbitrary and not authored by the operating user, and the script reads it via open(args.file).read() and then formats/exposes extracted quotes/themes for downstream LLM use.