ordercli
Warn
Audited by Snyk on Mar 6, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The SKILL.md instructs the tool to import and read live data from the Foodora website (e.g., "ordercli foodora session chrome --url https://www.foodora.at/" and commands like "orders", "history", "reorder"), so the agent consumes third-party web content which can influence follow-up actions (reorders) and thus could enable indirect prompt injection.
Audit Metadata