close-plan-generator
Warn
Audited by Snyk on Jul 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Outsider free text is ingested via runtime calls to Clari (
clari_get_call_summarysentiment/objections/next steps) and HubSpot deal/contact notes (hubspot_get_deal/hubspot_get_contact), which can include messages authored by non-operating-user participants (e.g., prospect/customer communications) that are then placed into the agent’s LLM context for close-plan generation.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata