dpia-stakeholder-consult
Warn
Audited by Snyk on Jun 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The runtime workflow ingests and renders
plan.responsesfields (e.g.,concern_summary,action_taken) into the generated report; these response texts are authored by external consultees (e.g., patient advisory council, consumer federation, works council) and thus are outsider free-form content that becomes LLM-readable context via the tool’s report generation path.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata