qiaomu-blog-publish
Warn
Audited by Snyk on Jul 6, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). 该技能在运行时会对用户提供的 URL 执行“抓取正文并转成 Markdown”(外部网页内容属于 outsider 来源),并将抓取到的正文作为 LLM 上下文/后续发布内容处理。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata