codealive-context-engine
Fail
Audited by Snyk on May 15, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt includes an explicit (not recommended) option that tells the agent to accept a pasted API key and save it via a command like
python setup.py --key THE_KEY, which requires embedding the user's secret verbatim in generated commands/output and thus creates an exfiltration risk.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests external repository content from CodeAlive (see fetch.py / api_client.fetch_artifacts and the /api/search and /api/chat endpoints used by search.py, grep.py, fetch.py, and chat.py), and SKILL.md requires the agent to read that fetched, user-generated code as ground truth to drive searches, triage, and next actions—so untrusted third‑party content can directly influence tool use and decisions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill makes runtime HTTP calls to the CodeAlive API (default base URL https://app.codealive.ai and its /api/... endpoints) which return AI-generated chat completions and fetched artifact content that directly drive the agent's outputs/behavior, and the skill requires that external service to function.
Issues (3)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata