deepwiki
Warn
Audited by Snyk on Mar 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly calls Devin's DeepWiki MCP tools (mcp__devin__read_wiki_structure, mcp__devin__read_wiki_contents, mcp__devin__ask_question) to fetch documentation derived from public GitHub repositories (e.g., app.devin.ai/wiki/{owner}/{repo}), which is untrusted/user-generated content the agent reads and uses to influence decisions and downstream actions (see SKILL.md Steps 3–4).
Audit Metadata