medusa-cart-checkout
Warn
Audited by Snyk on Jun 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required workflow includes “Fetch live docs” via runtime web-search and fetching
https://docs.medusajs.com/...pages; those fetched public web pages are outsider-authored free text that can be ingested into the agent’s LLM context for review.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly includes payment-specific workflows and operations that create and initialize payment sessions and complete checkouts (which require payment authorization). Examples: createPaymentCollectionForCartWorkflow, initializePaymentSessionWorkflow, PaymentSessions/PaymentCollection, and completeCartWorkflow (validates payment authorized). These are specific payment-related functions (payment gateways/session handling / payment authorization) rather than generic capabilities, so the skill grants direct financial execution authority.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata