yao-geo-title-optimizer

Warn

Audited by Snyk on Jun 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). 该技能在运行时会通过 scripts/collect_yao_geo_title_evidence.py 对“公开 URL”进行抓取并把抓取到的网页文本字段(如 <title>meta descriptionh1)写入 evidence_snapshot.json,随后这些字段会作为可读文本进入渲染报告的 LLM 上下文/输入(report_input.json/evidence_sourcesrender_yao_geo_title_optimizer.py)。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 15, 2026, 10:55 AM
Issues
1
Security Audit — snyk — yao-geo-title-optimizer