spark-recipe-unsubscribe-audit
Warn
Audited by Snyk on Jun 19, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The runtime workflow ingests email body text and headers from Spark queries (e.g.,
spark emails ...andspark thread <id> > /tmp/unsub/<id>.txt), and those emails are authored by outsiders (newsletter senders), so their free-form content can be fed into the agent’s LLM context for classification/unsubscribe-link extraction.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata