mpp-proxy

Warn

Audited by Snyk on Mar 31, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md "Before writing code" steps explicitly instruct the agent to fetch live docs from public sites (e.g., https://www.npmjs.com/package/mppx, web-search results, GitHub samples, and Cloudflare docs), which are untrusted third-party sources the agent is expected to read and that can materially influence implementation decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to implement payment gates and charge clients: it describes an MPP payment proxy, references the mppx SDK and tempo.charge handler, uses a secret key (MPP_SECRET_KEY), configures amounts, performs a 402 challenge-response to verify payment, and returns payment receipts. Those are specific payment-processing primitives (sending/validating payments), not generic tooling. Therefore it grants direct financial execution capability.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 31, 2026, 06:11 AM
Issues
2
Security Audit — snyk — mpp-proxy