defillama
Warn
Audited by Snyk on Feb 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and interprets public DeFiLlama API data (e.g., https://api.llama.fi/v2/protocols, https://yields.llama.fi/pools, https://stablecoins.llama.fi/stablecoins) as part of its required workflow in SKILL.md, so untrusted third‑party content from those endpoints can materially influence agent decisions and actions.
Audit Metadata