tooluniverse-product-safety-surveillance
Warn
Audited by Snyk on Jun 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required runtime workflow calls openFDA endpoints (e.g.,
/drug/shortages.json,/device/recall.json,/device/event.json,/food/event.json,/animalandveterinary/event.json) and ingests the returned JSON fields into the agent’s LLM context; these records are authored by third parties (reporters/manufacturers/consumers) rather than the operating user, so they are outsider free-text/narratives (e.g., MAUDEmdr_text[].text) flowing into the model.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata