cookie-audit

Warn

Audited by Snyk on Jun 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). The required runtime workflow (“CookieAuditScanner.run_full_audit” → “scan_page” → Selenium driver.get(url) and then get_cookies(), execute_script for localStorage/sessionStorage, and performance-log parsing) ingests readable cookie/localStorage values and network request URLs from the scanned website pages (outsider-authored public web content from https://www.pinnacle-ecommerce.com), which can include arbitrary free text/strings that get placed into the generated report/LLM context.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 16, 2026, 03:33 PM
Issues
1
Security Audit — snyk — cookie-audit