proactive-chat

Warn

Audited by Snyk on Jun 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). 该技能在生成 morning/discovery 消息时会调用 web-search(公开网页/可抓取内容)并把检索结果的可读摘要/来源内容拼入 LLM 生成上下文,从而引入“公共 web 内容”这一外部自由文本来源的间接提示注入风险。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 23, 2026, 06:06 AM
Issues
1
Security Audit — snyk — proactive-chat