generate-application

Warn

Audited by Snyk on Jun 19, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). Outsider free text is ingested from a runtime-fetched job posting URL (public web content) via curl ... https://r.jina.ai/[job-url] / WebFetch, and that parsed markdown is then passed into the cover-letter-writer agent prompt.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 19, 2026, 09:07 AM
Issues
1
Security Audit — snyk — generate-application