VYPR

Promptcraft Forge Studio

by MarceloTessaro

CVEs (2)

  • CVE-2025-58361 · Cri · Sep 4, 2025
    risk 0.60 · cvss 9.3 · epss 0.00

    Promptcraft Forge Studio is a toolkit for evaluating, optimizing, and maintaining LLM-powered applications. All versions contain a non-exhaustive URL scheme check that does not protect against XSS. User-controlled URLs pass through src/utils/validation.ts, but the check only…

  • CVE-2025-58353 · Hig · Sep 4, 2025
    risk 0.53 · cvss 8.2 · epss 0.00

    Promptcraft Forge Studio is a toolkit for evaluating, optimizing, and maintaining LLM-powered applications. All versions of Promptcraft Forge Studio sanitize user input using regex blacklists such as `replace(/javascript:/gi, '')`. Because the package uses multi-character…