anonymous-file-upload
Fail
Audited by Snyk on May 27, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.90). The skill includes example commands that embed auth tokens/credentials directly (e.g., -H "daku: YOUR_DAKU_TOKEN", curl -u username:password, deletion tokens), meaning an agent performing these actions would need to insert secret values verbatim into generated requests/commands.
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.85). These links point largely to anonymous/public file hosts (transfer.sh, 0x0.st, IPFS gateways, filedrop/blossom), raw GitHub repos and a third‑party container image — all capable of serving arbitrary, unvetted binaries or scripts and commonly abused for malware distribution, so downloads from them should be treated as high risk.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's mirror_web_content workflow (/remoteupload) and accompanying examples explicitly fetch and ingest arbitrary public URLs (e.g., curl POST with '{"url":"https://example.com/image.png"}'), and the decision tree and server-probing instructions show that this untrusted web content is read and can change routing/behavior (HTML handling, fallback probing), so it could enable indirect prompt injection.
Issues (3)
W007
HIGHInsecure credential handling detected in skill instructions.
E005
CRITICALSuspicious download URL detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata