linkfox-onboarding
Fail
Audited by Snyk on Jul 15, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to call scripts that return an "api_key" and then "拿到 api_key 后... 帮用户配置" environment-variable-setting commands (e.g., setx / echo export), which requires the LLM to read and embed the secret API key verbatim into its output—an explicit secret-exfiltration pattern.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). This skill explicitly implements a recharge/payment flow: it lists purchasable plans, lets the user select a plan and payment method (wechat/alipay), calls a script to create an order (python scripts/create_order.py) which returns order_id, qr_content, qr_url, pay_url and PNG QR, and provides a script to query payment status (python scripts/query_order.py). Because it contains specific payment gateway interactions and order-creation APIs (not just generic HTTP or browsing), it grants direct financial execution capability.
Issues (2)
W007
HIGHInsecure credential handling detected in skill instructions.
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata