nuxt-strata
Warn
Audited by Snyk on Jun 21, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Outsider free text can enter the LLM context via the Nuxt UI Chat flow: user-authored prompt text is sent to the server (
pages/chat/[id].vue→server/api/chat.post.tsreadsmessagesfromreadBody(event)), then streamed back as UI message parts (UChatMessagesrenderspart.text), which the agent/LLM may include in subsequent context; this is not operating-user-authored content.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata