lynx-strategy

Warn

Audited by Snyk on Jun 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (medium risk: 0.65). At runtime, the producer calls the outsider-authored free-text field ai_reasoning via audit_query in fetch_closed_trades(), then parses it with parse_score_from_reasoning() and uses the extracted score to update MIN_SCORE (indirect prompt-injection risk through untrusted text from other users’/system-generated trade records).

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 28, 2026, 08:48 PM
Issues
1
Security Audit — snyk — lynx-strategy