arkcli-models
Warn
Audited by Snyk on Jul 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). 运行时会调用
arkcli models search,其工作流会从本地缓存/ArkModels 元数据接口读取并把models search返回的description/introduction/display_name等字段(可包含外部/非用户选择引入的文本)拼入 agent 的 LLM 上下文;该文本并非由操作用户撰写。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata