find-mcp-directories
Warn
Audited by Snyk on Jun 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.72). The skill’s runtime calls the ServiceGraph
product_directorydataset (e.g.,GET .../searchand optionalPOST .../unlocks) to ingest directory metadata and gated fields likeeditor_note/traffic into the agent context; these directory records are outsider-authored catalog content (not authored by the operating user), creating indirect prompt-injection risk via free-text fields returned by the API.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime calls to https://api.servicegraph.co (e.g., /v1/datasets/product_directory/... and /unlocks) and surfaces returned gated fields like editor_note verbatim, so externally fetched content can directly control the agent's output/instructions.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata