lovebug-report
Warn
Audited by Snyk on Jun 25, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). Runtime LLM context can include outsider-authored free text from lovebug.com’s public map JSON endpoints (e.g.,
GET /api/map/areas/clusters/boundaries) which are populated from third-party user reports and are fetched from a public web source.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata