consume-nats-message

Warn

Audited by Snyk on Jun 19, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 在阶段 2.5 Bootstrap 中,技能会对“公开 broker 上的消息内容”执行 peek(stream get / ephemeral consumer 读取最近 N 条),把这些消息的 headers/payload 作为可读文本用于 schema 推断并生成草稿契约,从而将“非操作用户/非本项目作者”的自由文本(消息体)喂入 LLM 上下文。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 19, 2026, 06:56 PM
Issues
1
Security Audit — snyk — consume-nats-message