taxue-timeline-committee
Warn
Audited by Snyk on Apr 9, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). SKILL.md's "与外部整合" 明确允许在有具体股票代码或内容时先调用搜索工具或
quant-funds-analysis来补充基底数据,意味着代理会读取并依赖来自公开/第三方网络搜索结果的非受信内容来指导会诊决策。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata