Skills
skills/nexscope-ai/nexscope-ecommerce-skills/review-checker/Snyk

review-checker

Warn

Audited by Snyk on Jun 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.95). Outsider-authored free text from Amazon customer reviews is fetched at runtime via the proxy endpoints /api/v1/tools/linkfox/amazon/usReviewsList (US) or /api/v1/tools/linkfox/amazon/reviews/list (non-US) in get_reviews_content(), then ingested into the analysis context as review['title']/review['text'] and used to build pain_point_analysis and insights (including review snippets/examples).

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 28, 2026, 07:06 AM
Issues
1
Security Audit — snyk — review-checker