Skills
skills/agiprolabs/claude-trading-skills/token-holder-analysis/Snyk

token-holder-analysis

Warn

Audited by Snyk on Mar 21, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill directly fetches and ingests untrusted public third‑party data (e.g., Solana RPC, Helius DAS at https://mainnet.helius-rpc.com, SolanaTracker at https://data.solanatracker.io, and Birdeye at https://public-api.birdeye.so) as shown in references/data_sources.md and scripts/analyze_holders.py, and that data is parsed to compute risk metrics and drive recommendations, so external content can materially influence agent decisions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 21, 2026, 02:36 PM
Issues
1