signup-monitor

Fail

Audited by Snyk on Jun 22, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). The skill is designed to automatically harvest new signup PII (emails, org info, domains) and deliberately send those identifiers to external enrichment/search services (PostHog queries, Exa, lead-enrichment, exa-company/people-research and pipeline-manager) and persist processed email lists, which constitutes intentional data exfiltration and privacy-abuse risk; no obfuscated code, eval/remote-exec backdoor, or supply-chain tricks were evident.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.95). Step 4 runs exa-search__web_search_advanced_exa against the public web for each signup’s email domain, ingesting outsider-authored free-text search results into the agent’s LLM context.

Issues (2)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 22, 2026, 04:55 AM
Issues
2
Security Audit — snyk — signup-monitor