find-mcp-directories

Warn

Audited by Snyk on Jun 17, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.72). The skill’s runtime calls the ServiceGraph product_directory dataset (e.g., GET .../search and optional POST .../unlocks) to ingest directory metadata and gated fields like editor_note/traffic into the agent context; these directory records are outsider-authored catalog content (not authored by the operating user), creating indirect prompt-injection risk via free-text fields returned by the API.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime calls to https://api.servicegraph.co (e.g., /v1/datasets/product_directory/... and /unlocks) and surfaces returned gated fields like editor_note verbatim, so externally fetched content can directly control the agent's output/instructions.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 17, 2026, 07:01 AM
Issues
2
Security Audit — snyk — find-mcp-directories