mpp-proxy
Warn
Audited by Snyk on Jun 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required workflow explicitly instructs runtime fetching of public web pages/docs (e.g.,
https://www.npmjs.com/package/mppx, Cloudflare developer docs, and web searches on GitHub), whose fetched free-form text could be ingested into the agent’s LLM context via the “fetch live docs / web-search” steps.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a payment gateway/proxy: it uses the mppx SDK with secret keys and middleware like tempo.charge, performs a 402 challenge-response, verifies payments, charges amounts (mppx.charge({ amount: '100' })), and issues Payment-Receipt headers. Those are specific, dedicated payment operations (sending/verifying charges), not generic request forwarding. This grants direct financial execution capability.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata