auto-updater
Fail
Audited by Snyk on Jun 12, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The workflow explicitly commands the agent to fetch and "show the full diff" of files including hooks/hooks.json and .mcp.json (and other files), which may contain API keys, tokens, or other secrets and thus requires outputting secret values verbatim if present.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required runtime workflow fetches and diffs outsider-authored skill source (e.g., updated
SKILL.md/other files from the skill’s upstream registry) and then ingests that readable diff text into the agent context for the trust review andskills-qarescan.
Issues (2)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata