yao-weread-skill

Warn

Audited by Snyk on May 18, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). This skill calls the external WeRead API gateway (https://i.weread.qq.com/api/agent/gateway) — see SKILL.md and scripts/generate_weread_report.py which fetch /book/bookmarklist, /review/list/mine, /user/notebooks, /readdata/detail etc. — and directly ingests user-generated highlights/reviews/notes (used by extract_terms, word-cloud, charts and narrative insights), so untrusted third‑party content can materially influence the agent's outputs.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 18, 2026, 02:08 AM
Issues
1
Security Audit — snyk — yao-weread-skill