MarketPulse
Warn
Audited by Snyk on Feb 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill calls the public AIsa API (https://api.aisa.one/apis/v1) to fetch third‑party/public content such as company news (/financial/news) and SEC filing items (/financial/sec/items), which the agent ingests and displays as part of its workflow and therefore could carry untrusted content that enables indirect prompt injection.
Audit Metadata