magi

Warn

Audited by Snyk on Apr 22, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's required teammate checklists and reference prompts (personalities/MAGI-1.md instructs "Search online" and references/codex.md and references/gemini.md explicitly require "search online" / web lookups) direct the agents to fetch and interpret open/public web content as part of their core workflow, so untrusted third‑party material can influence proposals and subsequent actions.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 22, 2026, 06:08 AM
Issues
1
Security Audit — snyk — magi