whatsapp-processing
Warn
Audited by Snyk on Apr 9, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). This skill explicitly ingests and processes untrusted user-generated WhatsApp messages (e.g., input files like /Needs_Action/WHATSAPP_john_smith_2026-01-07.md and the ConversationManager reading message files from the vault/Done directory) and uses that content to classify urgency, draft replies, and trigger escalations, so third-party content can directly influence agent actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata