tikhub-api-helper

Fail

Audited by Snyk on May 29, 2026

Risk Level: HIGH
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). The required runtime workflow can ingest outsider-authored free text from TikHub API HTTP responses (e.g., api_client.py reads response.read().decode('utf-8') and json.loads(...), then the agent would typically include those response strings in its LLM context), and those responses are not authored by the operating user.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

  • Secret detected (high risk: 1.00). I inspected the skill content and code for literal credentials.
  • Found a high-entropy token in api_client.py: DEFAULT_TOKEN = "vZdfXsQS3nNTqVRrVysjLT4kjaa6yL0gTnBk/aTAi8aA==" This is a long, random-looking/base64-style string used as the default bearer token in the client (i.e., directly usable as an API token). Per the secret definition, this qualifies as a secret.
  • Ignored items:
  • "sec_user_id=MS4wLjABAAAA..." — truncated/redacted with "..." so treated as non-actionable example.
  • Placeholder/example values such as YOUR_API_TOKEN, USER_ID, POST_ID, YOUR_KEYWORD, and environment variable names like TIKHUB_TOKEN — these are documentation placeholders or names, not literal secrets.
  • Base URLs, simple example passwords, and other non-secret strings.

Therefore there is a real, high-entropy secret present (the DEFAULT_TOKEN).

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W008
HIGH

Secret detected in skill content (API keys, tokens, passwords).

Audit Metadata
Risk Level
HIGH
Analyzed
May 29, 2026, 06:45 AM
Issues
2
Security Audit — snyk — tikhub-api-helper