neo4j-agent-memory-skill
Warn
Audited by Snyk on Apr 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly instructs the agent to "verify authoritative state" by checking live public sources (e.g., PyPI at https://pypi.org/project/neo4j-agent-memory/, the GitHub README at https://github.com/neo4j-labs/agent-memory, and the NAMS OpenAPI/endpoint at https://memory.neo4jlabs.com/openapi.json), meaning the agent is expected to fetch and interpret untrusted, user‑published web content that can materially change API/tool usage and outputs.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata