trade-sector

Warn

Audited by Snyk on May 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md Data Collection Phase explicitly instructs the agent to run WebSearch queries (e.g., "WebSearch: 'S&P 500 sector performance...'", fund flows, economic indicators) and extract/interpret open web content to drive sector analysis and trade actions, which clearly ingests untrusted third‑party material that could carry indirect prompt injections.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 16, 2026, 01:19 PM
Issues
1
Security Audit — snyk — trade-sector