qiaomu-blog-publish

Warn

Audited by Snyk on Jul 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). 该技能在运行时会对用户提供的 URL 执行“抓取正文并转成 Markdown”(外部网页内容属于 outsider 来源),并将抓取到的正文作为 LLM 上下文/后续发布内容处理。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 6, 2026, 12:28 PM
Issues
1
Security Audit — snyk — qiaomu-blog-publish