saleor-payments
Warn
Audited by Snyk on Jun 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required workflow explicitly fetches live public web documentation at runtime (e.g., “Fetch https://docs.saleor.io/docs/developer/payments” and other
site:docs.saleor.io ...web-search results), so outsider-authored free text from those pages is ingested into the agent’s LLM context.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs fetching live documentation at runtime (e.g., https://docs.saleor.io/docs/developer/payments and https://docs.saleor.io/docs/developer/app-store/apps/stripe), and those fetched pages would directly control the agent's implementation instructions, so they are runtime external dependencies that influence prompts.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill/document describes explicit payment gateway integration and transaction APIs used to move money: mutations and webhook events for transactionInitialize, transactionProcess, and transactionRequestAction with CHARGE/REFUND/CANCEL; instructions to create PaymentIntents (Stripe), capture funds, and process refunds; and use of transactionEventReport to report async payment updates. These are specific, purpose-built financial operations (creating/capturing charges and issuing refunds), not generic tooling.
Issues (3)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata