pp-sncf-connect
Warn
Audited by Snyk on May 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required runtime workflow is executing the
sncf-connect-pp-clibinary (read-only) which fetches data from the external Navitia API; that upstream JSON/text is ingested into the agent context via the CLI’s--agent/--jsonstdout output, making it an outsider-authored source (public API responses).
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata