spaceship-dns

Fail

Audited by Snyk on Jun 21, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt instructs retrieving VERCEL_TOKEN from Bitwarden and inserting it into curl Authorization headers (and similar shell commands), which requires obtaining and embedding a secret value verbatim in requests/commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Outsider free text is ingested via the runtime-fetched Spaceship DNS management web page (public web UI content) that the VBC browser automation snapshots/reads into the agent’s LLM context, including existing DNS record values and UI text.

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 21, 2026, 02:49 AM
Issues
2
Security Audit — snyk — spaceship-dns