notion-sync

Warn

Audited by Snyk on Jul 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). The required workflow “Notion to Memoire (Pull)” fetches outsider-authored Notion page block content (headings/paragraphs/lists/code/etc.) at runtime and converts it to markdown that is then written into the agent’s context for spec validation/writing, creating an indirect prompt-injection path from Notion users’ free text.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 15, 2026, 09:49 PM
Issues
1