skills/redfox-data/redfox-community/cn-last30days/Snyk

cn-last30days

Warn

Audited by Snyk on Jun 18, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.85). RUNTIME 路径：scripts/cn_last30days.py 通过 redfox.hk/story/api/multiPlatform/workSearch 获取小红书/抖音/公众号“作品标题/作者/简介/链接”等文本（外部作者内容），随后在 format_as_json()/format_as_html() 中把这些可读文本写入 JSON/HTML 并作为报告内容被 LLM/agent 上下文使用。

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Jun 18, 2026, 07:56 AM

Issues

1

Security Audit — snyk — cn-last30days