tikhub-api-helper
Fail
Audited by Snyk on May 29, 2026
Risk Level: HIGH
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The required runtime workflow can ingest outsider-authored free text from TikHub API HTTP responses (e.g.,
api_client.pyreadsresponse.read().decode('utf-8')andjson.loads(...), then the agent would typically include those response strings in its LLM context), and those responses are not authored by the operating user.
HIGH W008: Secret detected in skill content (API keys, tokens, passwords).
- Secret detected (high risk: 1.00). I inspected the skill content and code for literal credentials.
- Found a high-entropy token in api_client.py: DEFAULT_TOKEN = "vZdfXsQS3nNTqVRrVysjLT4kjaa6yL0gTnBk/aTAi8aA==" This is a long, random-looking/base64-style string used as the default bearer token in the client (i.e., directly usable as an API token). Per the secret definition, this qualifies as a secret.
- Ignored items:
- "sec_user_id=MS4wLjABAAAA..." — truncated/redacted with "..." so treated as non-actionable example.
- Placeholder/example values such as YOUR_API_TOKEN, USER_ID, POST_ID, YOUR_KEYWORD, and environment variable names like TIKHUB_TOKEN — these are documentation placeholders or names, not literal secrets.
- Base URLs, simple example passwords, and other non-secret strings.
Therefore there is a real, high-entropy secret present (the DEFAULT_TOKEN).
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W008
HIGHSecret detected in skill content (API keys, tokens, passwords).
Audit Metadata