langfuse-prompt-view

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This script fetches prompt text from the external Langfuse API (default https://us.cloud.langfuse.com/api/public/v2/prompts/ in scripts/langfuse-prompt-view.ts) and prints the returned prompt content, which can be arbitrary/user-provided and thus could carry indirect prompt-injection instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The script performs a runtime fetch of prompt text from the Langfuse API (e.g. https://us.cloud.langfuse.com/api/public/v2/prompts/), and that fetched content directly supplies prompt/instruction text used by the tool, making it an external runtime dependency that can control agent behavior.