scrape-define
Warn
Audited by Snyk on Jul 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Outsider-authored free text can enter the LLM context when the user provides a “detail page URL” (or when the site is explored) and the main agent consumes the subagent’s analysis output from
.scrape/.work/{site_name}/analyze-page/detail-1.rendered.json, which is derived from outsider web page content.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata