digital-health-clinical-asr-eval
Warn
Audited by Snyk on Jun 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The runtime path ingests outsider-authored free text from the user-provided
manifest.jsonlrows (row.textasref) and sends it to the external NVIDIA NVCF ASR service during Step 3b (offline_recognize), which is indirect prompt injection exposure via arbitrary manifest content.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata