import-world-from-book
Warn
Audited by Snyk on Jun 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 在
extract-world.ts的processBatch()中,脚本把raw_text/chapter_*.md(由split-book从用户提供的 epub/txt 解析得到的原文内容)通过--file逐个附加到opencode运行参数里,导致 LLM 上下文包含“书籍原文/章节文本”这类非操作用户自写的外部自由文本,从而存在间接提示注入风险。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata