nature-experiment-log

Warn

Audited by Snyk on Jul 2, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 路径 B:飞书群消息/图片/语音由 feishu-cli-integration 在运行时拉取并转成可读文本(消息正文、转录文本、OCR/转写结果)后进入该 skill 的 LLM 上下文,属于“飞书群中非操作用户的自由文本/内容”。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 2, 2026, 12:02 AM
Issues
1
Security Audit — snyk — nature-experiment-log