skills/defillama/defillama-skills/institutional-crypto/Snyk

institutional-crypto

Warn

Audited by Snyk on Mar 26, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly calls public DefiLlama endpoints (defillama:get_dat_holdings, defillama:get_etf_flows, defillama:get_token_prices), so the agent ingests and interprets open third-party data from the public web as part of its analysis, which can materially influence its decisions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Mar 26, 2026, 04:41 PM

Issues

1