linkfox-onboarding

Fail

Audited by Snyk on Jul 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to call scripts that return an "api_key" and then "拿到 api_key 后... 帮用户配置" environment-variable-setting commands (e.g., setx / echo export), which requires the LLM to read and embed the secret API key verbatim into its output—an explicit secret-exfiltration pattern.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). This skill explicitly implements a recharge/payment flow: it lists purchasable plans, lets the user select a plan and payment method (wechat/alipay), calls a script to create an order (python scripts/create_order.py) which returns order_id, qr_content, qr_url, pay_url and PNG QR, and provides a script to query payment status (python scripts/query_order.py). Because it contains specific payment gateway interactions and order-creation APIs (not just generic HTTP or browsing), it grants direct financial execution capability.

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
HIGH
Analyzed
Jul 15, 2026, 12:18 PM
Issues
2