create-generation-plugin
Warn
Audited by Snyk on Jun 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). The required workflow is to implement
_generate()usingself._retrieval_pipeline._retrieve_by_id(...)andself._service.get_chunk_contents(...), which at runtime will ingest retrieved chunk text originating from the configured retrieval pipeline’s stored documents (i.e., potentially outsider-authored content if the corpus includes non-user sources).
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata