llava
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill ingests and analyzes arbitrary user-provided images and text (e.g., via the Gradio web UI launch command python -m llava.serve.gradio_web_server and the CLI image/file queries like python -m llava.serve.cli --image-file), so the agent will read untrusted user-generated third-party content that could embed instructions.
Audit Metadata