xiyou-insight

Warn

Audited by Snyk on Jul 6, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (medium risk: 0.65). 运行时LLM通过各场景的 get_mcp_tools 调用 MCP 工具(如 get_asin_info/get_asin_keywords/get_keyword_asin_analysis 等)把外部数据(竞品标题/关键词/ASIN等)读入并写入 aggregated_data,随后 report_generator.py/dashboard_generator.py 将这些字段拼接进 Markdown/HTML 文本,从而进入LLM上下文的间接提示注入面(数据源属于非用户自选的外部方内容)。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 6, 2026, 02:13 PM
Issues
1
Security Audit — snyk — xiyou-insight