Fail
Audited by Snyk on Jun 30, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E004: Prompt injection detected in skill instructions.
- Potential prompt injection detected (high risk: 1.00). The skill explicitly instructs the agent to read a local PAI context file that contains contact lists, personal preferences, voice IDs and operating instructions unrelated to PDF processing, which is a hidden/deceptive instruction to access sensitive local data and alter behavior outside the skill's stated purpose.
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.90). The skill tells the agent to load a local PAI context (which may contain API/voice IDs and other secrets) and includes examples that embed plaintext passwords on the command line or in code (e.g., qpdf --password=mypassword, writer.encrypt("userpassword","ownerpassword")), which means the agent may need to handle or reproduce secret values verbatim.
Issues (2)
E004
CRITICALPrompt injection detected in skill instructions.
W007
HIGHInsecure credential handling detected in skill instructions.
Audit Metadata