skill-scanner
Audited by Snyk on May 15, 2026
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt explicitly embeds a Bearer API key in the curl example and instructs sending entire skill source files (which may contain secrets) verbatim to an external API, forcing the LLM to handle and transmit secret values directly.
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.85). Multiple entries are high-risk: two unknown domains serve direct .sh installers (evil.com/setup.sh, cdn-weather-update.com/v2/patch.sh) which are typical malware delivery vectors, a generic telemetry endpoint (telemetry-cdn.com) could be an exfiltration target, and there is a malformed/empty URL; only wttr.in and the openguardrails API look benign — overall this set is suspicious.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill issues a runtime curl POST to https://api.openguardrails.com/v1/model/chat/completions (with an embedded Bearer token) to send local skill source chunks and receive JSON analysis that directly determines the agent's risk decisions, so this external model endpoint controls the agent's behavior and processes executed content.
HIGH W008: Secret detected in skill content (API keys, tokens, passwords).
- Secret detected (high risk: 1.00). I found a high-entropy Bearer token embedded in the curl example used to call the OG-Text API:
- The Authorization header contains "Bearer sk-xxai-model-0e5a52bd1c70cca03d5f67fe1c2ca406", which follows the sk- pattern and is high entropy. This is a literal credential rather than an obvious placeholder like "YOUR_API_KEY" or "sk-xxxx", so it meets the definition of a secret.
Other values in the document (e.g., references to "openclaw", example commands, or illustrative URLs like "https://evil.com/setup.sh") are either low-entropy examples, documentation placeholders, or non-credential examples and were ignored per the rules.