linkfox-temu-promotion-eu

Warn

Audited by Snyk on Jul 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Required runtime path calls Temu via the LinkFox gateway (scripts/_temu_common.py:95-121response.read()json.loads(...)), then prints/summarizes that upstream body/temuBody into stdout and may inline it into the agent context (scripts/_temu_common.py:308-332), where the upstream Temu/Partner response is outsider-authored free text (e.g., errorMsg, failReason, activityName).

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 16, 2026, 08:10 AM
Issues
1