@ifnotnowwhen/promptr@1.0.2 vulnerabilities

Promptr is a CLI tool that lets you use plain English to instruct GPT3 or GPT4 to make changes to your codebase.

Direct Vulnerabilities

Known vulnerabilities in the @ifnotnowwhen/promptr package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • C
Remote Code Execution (RCE)

@ifnotnowwhen/promptr is a Promptr is a CLI tool that lets you use plain English to instruct GPT3 or GPT4 to make changes to your codebase.

Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to the possibility to load prompt/template file from the url. An attacker can set malicious command and the file in the user's server will be modified.

How to fix Remote Code Execution (RCE)?

There is no fixed version for @ifnotnowwhen/promptr.

*