himalaya-email-manager
Warn
Audited by Snyk on Jun 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). Outsider-authored email content is fetched at runtime from the user’s IMAP account (e.g., via
email-summary.py/email-search.py/email_save.pyusing Himalaya IMAP), and that message body text/headers are then parsed into LLM-readable output (tables/JSON) that the agent can include in its LLM context.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata