creator-buddy

Warn

Audited by Snyk on Jul 3, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). 运行时会通过 skills/global-content-search 调用 Agent Reach / OpenCLI / xiaohongshu-mcp / xhs-cli 或 Guaikei API 拉取小红书/B站等公开内容(含他人作者的标题、摘要、链接、评论等可读文本),这些文本会进入 CLI 输出并被主 Agent 写入 LLM 上下文。

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 3, 2026, 09:41 AM
Issues
1
Security Audit — snyk — creator-buddy