money-discover

Warn

Audited by Snyk on May 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires searching and mining user-generated public sources (Product Hunt, Hacker News, X/Twitter, Reddit, forums, review sites) and fetching competitor pages/reviews/URLs as part of its required Phase 2 and Phase 5 workflows, which the agent must read and use to drive decisions—exposing it to untrusted third‑party content that could carry indirect prompt injections.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 16, 2026, 03:34 PM
Issues
1
Security Audit — snyk — money-discover