medusa-payments

Warn

Audited by Snyk on Mar 31, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). Yes — the SKILL.md "Before writing code" steps explicitly instruct the agent to fetch live docs from public Medusa docs (e.g., https://docs.medusajs.com/resources/references/payment and web searches), so the agent will ingest and act on third-party web content that can influence implementation decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a payment-processing module with direct integrations and methods for moving money. It references Stripe and PayPal configuration (apiKey, clientId/clientSecret, webhook secrets), and defines provider methods and workflows that perform financial actions: initiatePayment, authorizePayment, capturePayment, refundPayment, cancelPayment, plus admin routes such as POST /admin/payments/:id/capture and POST /admin/payments/:id/refund. These are specific payment gateway and transaction operations (authorization, capture, refund) — not generic tooling — so it grants Direct Financial Execution capability.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 31, 2026, 06:11 AM
Issues
2
Security Audit — snyk — medusa-payments