yao-weread-skill
Warn
Audited by Snyk on May 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill calls the external WeRead API gateway (https://i.weread.qq.com/api/agent/gateway) — see SKILL.md and scripts/generate_weread_report.py which fetch /book/bookmarklist, /review/list/mine, /user/notebooks, /readdata/detail etc. — and directly ingests user-generated highlights/reviews/notes (used by extract_terms, word-cloud, charts and narrative insights), so untrusted third‑party content can materially influence the agent's outputs.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata