graphify

Fail

Audited by Snyk on Jun 29, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt instructs the agent to ask for and then use credentials for Neo4j in a command-line example (--password PASSWORD), which requires embedding secrets verbatim into generated commands/outputs (high exfiltration risk), even though other parts use safer env-var patterns.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). Outsider free text can enter the LLM context during Step 3B semantic extraction: the Agent subagents read and process FILE_LIST items that come from user-supplied paths/URLs (e.g., cloned GitHub repos or fetched webpages via /graphify add <url>), and those files’ contents are ingested as readable text into the subagent prompts.

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 29, 2026, 03:25 AM
Issues
2
Security Audit — snyk — graphify