ai-research-explore
Warn
Audited by Snyk on Jun 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). Runtime path
scripts/passes/lookup_sources.py→scripts/lookup/providers/*(e.g.,url_provider.resolve_url_record,doi_provider.resolve_doi_record,arxiv_provider.resolve_arxiv_record) performs free-first HTTP fetches of outsider-authored web content and parses readable text (HTML/abstract/metadata) intolookup_bundle/sources/records, which is then embedded into the finalcontextJSON passed to the agent’s LLM.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata