linkfox-amazon-store-customer-feedback
Warn
Audited by Snyk on Jul 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Runtime path: the scripts call Amazon SP-API via
developerProxy_get()/call_api()and then parse and print/summarize the returned JSON (json.loads(response.read()...)→emit_result()), so any free-text fields inside the API response (e.g., customer feedback content) are outsider-authored and can be included in the LLM context via stdout.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata