lunarcrush

Warn

Audited by Snyk on May 25, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). This skill calls the LunarCrush API (utils.make_request -> LUNARCRUSH_API_BASE "https://lunarcrush.com/api4") and returns aggregated social/news/posts (e.g., tools/topics.py: get_topic_posts/get_topic_news/search_content, tools/creators.py:get_creator_posts), which are untrusted user-generated third‑party contents that the agent is expected to read and use to influence analysis and actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 25, 2026, 12:36 PM
Issues
1
Security Audit — snyk — lunarcrush