travel-planner
Warn
Audited by Snyk on Jun 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 该技能在 Step 2/4 里“必须联网”执行多组搜索(如“{目的地} 旅游攻略…”“{目的地} 必去景点 门票价格”“{目的地} 避坑…”“{出发城市} 到 {目的地} 机票/高铁…”,并据此生成门票与费用),因此会把运行时从公共网页/搜索结果抓取的第三方攻略与价格文本(外部作者)注入到LLM上下文中。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata