mpp-spt-lifecycle

Warn

Audited by Snyk on Jun 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Runtime path “Fetch live docs” pulls arbitrary public web pages from https://docs.stripe.com/... and web-search results, and those fetched page contents are readable text that can be injected into the agent’s LLM context (public web content category).

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The document explicitly describes Stripe Shared Payment Token (SPT) APIs and flows for creating and consuming one-time payment tokens and creating PaymentIntents to charge money. It lists concrete endpoints and parameters (POST /v1/test_helpers/shared_payment/granted_tokens, POST /v1/payment_intents with shared_payment_granted_token, GET /v1/shared_payment/granted_tokens/{id}), and webhook events for token consumption (shared_payment.granted_token.used). These are specific payment APIs (Stripe) whose primary purpose is to initiate and complete financial transactions, not generic tooling. Therefore this skill grants direct financial execution capability.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 29, 2026, 02:51 PM
Issues
2
Security Audit — snyk — mpp-spt-lifecycle