boss-greeting

Warn

Audited by Snyk on Jun 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 该 skill 在步骤 4A/4B/4C 会把用户输入的 JD 文本或截图识别出的招聘正文(外部作者的岗位描述)作为可读文本进入 LLM 上下文,用于生成打招呼内容;这属于“公共/第三方网页或他人撰写的自由文本(招聘JD)”的运行时摄取。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 9, 2026, 10:44 AM
Issues
1
Security Audit — snyk — boss-greeting