metaculus
Warn
Audited by Snyk on Feb 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill fetches content from the public Metaculus API (see SKILL.md resources) and the runtime code (index.ts — e.g., getFeed()/handleSearch()/handleQuestion calling f.searchMarkets() and f.getMarket()) returns user-generated fields like market.description and market.url into agent outputs, so untrusted third-party content is ingested and presented to the agent and could influence subsequent decisions.
Audit Metadata