drawing-analyzer
Warn
Audited by Snyk on Jun 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). Outsider free text can enter the LLM context via the runtime-extracted page text from the user-supplied merged construction PDF:
split_pdf.pyusespage.get_text("text")to writetext/sheet_NNN.txt, and Mode B then reads thosetext/sheet_NNN.txtfiles into the agent for answering.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata