polish-by-diff
Warn
Audited by Snyk on Jun 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The workflow reads outsider-authored free text from the manuscript section files (e.g.,
.writing/manuscript/*.tex) that the operating user did not author, and then injects that prose into the agent’s LLM context during Step 5 diff review (presenting full-/+hunk text).
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata