literature-reviewer-skill
Warn
Audited by Snyk on Jun 30, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.78). Phase 2/5/6/8 的运行会通过浏览器自动化从外部学术数据库(CNKI/WOS/ScienceDirect/PubMed/Google Scholar)抓取并把“标题/作者/摘要等可读文本”写入 papers_raw.json 等,再在 Phase 6 的“单篇文献深度分析”和 Phase 8 的“综述生成”提示词中作为输入上下文喂给 LLM,属于公共/第三方网页内容进入模型上下文的间接提示注入风险。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata