agent-ready-cloudflare
Warn
Audited by Snyk on Jun 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The skill calls https://isitagentready.com/api/scan with a user-supplied url, and the scanner’s runtime evidence/message fields are derived from outsider-authored content fetched from that target site (e.g., /robots.txt, /sitemap.xml, homepage headers/body), which are then inserted into the agent-facing Markdown prompt templates via {issue}.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime POSTs to https://isitagentready.com/api/scan and uses the API response (issue messages, prompt and skillUrl fields) to build the user-facing "How to implement" prompts, so external content from isitagentready.com directly controls the generated prompts and is a required runtime dependency.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly includes commerce/payment integrations and instructions to enable agent-initiated payments. It documents and links specific payment protocols and tools (x402 with facilitator URL and wallet address, MPP with x-payment-info specifying methods like stripe/lightning/card, UCP, ACP discovery metadata, and AP2 agent payment roles). These are not generic utilities — they are specific payment/commerce APIs and middleware that allow agents to initiate or fulfill payments. Therefore it grants Direct Financial Execution Authority.
Issues (3)
- MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata