ai-radar
Warn
Audited by Snyk on Jul 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). 该 Skill 在运行时通过
curl获取 GitHub Pages 上的公开静态 JSON(如latest-24h.json),其中的title/source/url等字段属于外部发布内容,随后会被用于生成简报并进入 LLM 上下文(间接提示注入风险)。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata