edge
Warn
Audited by Snyk on Feb 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md lists and the index.ts explicitly reference using external public sources (e.g., NOAA and Polymarket/other betting odds) and the code calls calculator.scanForEdge() to compare NOAA vs Polymarket, meaning the agent ingests and acts on untrusted third-party market/weather data as part of its workflow.
Audit Metadata