visual-companion
Warn
Audited by Snyk on Jun 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The runtime path that feeds the agent’s LLM context is the browser event JSON returned by
node scripts/wait-for-event.cjs "$STATE_DIR"(or recovered byread-pending-event.cjs), wherescripts/helper.jssends user-entered free text from the served HTML (e.g.,data-brainstorm-formtextarea/input values) intostate_dir/events/latest-selection.json, and the agent then prints/parses that JSON into the session context.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata