printing-press-catalog
Warn
Audited by Snyk on May 21, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The Install workflow explicitly downloads and uses external API specs from the catalog entry's spec_url via curl ("Download the spec" step in Install), meaning arbitrary public third-party spec files can be ingested and influence generation/execution.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata