sumsub-integrate-websdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). At runtime, Sumsub webhooks (outsider-authored JSON body from Sumsub) are received by the server webhook receiver and parsed into readable text/objects that the agent’s LLM context could ingest if the workflow logs/forwards the payload (Stage 5: POST /webhooks/sumsub → JSON.parse(req.body.toString('utf8'))).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill loads and executes a remote WebSDK script at runtime which controls the in-browser KYC UI (snsWebSdk) — e.g. https://static.sumsub.com/idensic/static/sns-websdk-builder.js (which in turn loads iframe content from https://api.sumsub.com/websdk/websdk.html) — so external code fetched at runtime directly executes and controls prompts/UI.

MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

• Hidden Unicode characters detected (1 type(s) found)