spree-api-v3

Warn

Audited by Snyk on Jun 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). The required workflow explicitly instructs fetching live public web content at runtime (e.g., https://spreecommerce.org/docs/api-reference and the per-release OpenAPI spec), which is outsider-authored text that can be ingested into the agent’s LLM context.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs fetching the OpenAPI spec at runtime (e.g., https://your-spree.com/api/v3/openapi.json) and using it with the openapi-generator command to generate/execute client code, so remote content can directly control code generation and runtime behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The Spree API docs explicitly describe payments-related resources and operations: prefixed IDs for payments/pay_, payment methods/pm_, transactions/txn_*, filtering by payment_state=paid, guidance on Idempotency-Key to avoid double-charges, and separate Admin API credentials (API keys / OAuth2) for server-side/admin actions. These elements indicate the API is designed to create and manage payments/transactions (i.e., move money) rather than being a generic tool, so it grants direct financial execution capability.

Issues (3)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 20, 2026, 12:43 PM
Issues
3
Security Audit — snyk — spree-api-v3