account-state

Warn

Audited by Snyk on Jun 30, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Outsider-authored free text can enter the LLM context indirectly via runtime Nostr relay frames: RelayPool/parseNostrEvent(json)LocalCache.consume(event)Note/User metadata flows, where the event content/body is derived from third-party authors and can later be rendered/used by the agent’s LLM.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 30, 2026, 05:22 PM
Issues
1
Security Audit — snyk — account-state