amazon-deal-finder
Warn
Audited by Snyk on May 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md and README_CN explicitly state the agent uses web_fetch to scrape public Amazon pages (Lightning Deals, Best Deals, coupons, etc.) and ingests those live public-site details to drive ROI calculations and promotion recommendations, so untrusted third‑party content is read and used to determine agent actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata