gangtise-copilot

Fail

Audited by Snyk on May 18, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.85). The prompt explicitly shows and permits passing accessKey/secretAccessKey as command-line arguments and instructs prompting for and writing raw credential values into files (and creating examples with ""), which requires the agent to handle and could lead it to emit secrets verbatim in commands or outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill (and the upstream Gangtise skills it installs) explicitly fetch and ingest untrusted third‑party content — e.g., downloading bundles from https://gts-download.obs.myhuaweicloud.com/skills, calling the public OpenAPI at https://open.gangtise.com (RAG/file/data endpoints), and running gangtise-web-client / gangtise-file-client / gangtise-wechat-summary to read web pages, reports and user-generated WeChat content — and those results are parsed and used by workflow skills (stock-research, opinion-pk, etc.) to drive analysis and next actions, so third‑party content can materially influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Issues (3)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
HIGH
Analyzed
May 18, 2026, 11:35 PM
Issues
3
Security Audit — snyk — gangtise-copilot