proactive-agent
Fail
Audited by Snyk on Jul 7, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The WAL protocol requires the agent to "STOP" and "WRITE" any "specific values" (numbers, IDs, URLs) into SESSION-STATE.md before responding, which forces the LLM to emit verbatim sensitive values (and could include API keys/passwords) into generated output/files.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required runtime workflow uses
scripts/wal_hook.shto read free-form human input from stdin (IN=$(cat -)) and append it verbatim into../../memory/working-buffer.mdand../../SESSION-STATE.md, which then become LLM context during compaction recovery/danger-zone handling.
Issues (2)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata