pp-printing-press-rich

Fail

Audited by Snyk on Jul 2, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt shows and instructs using verbatim secrets in shell commands (export RICH_AUTH_API_KEY="") and passing tokens as CLI arguments (printing-press-rich-pp-cli auth set-token ), which would require the agent/LLM to handle and emit secret values directly.

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). These links mainly point to GitHub repos and a GitHub release that distribute pre-built CLI/binary artifacts from individual/smaller accounts (plus a placeholder API URL), and GitHub releases/personal repos carrying unsigned executables are a common malware-distribution vector unless you can verify the author and artifact signatures—so treat as suspicious.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (medium risk: 0.65). Outsider free text can enter the LLM context via runtime API responses: the MCP/CLI “items”/“search”/“sql” tools fetch live JSON from the configured Rich Auth API and return it (including any upstream message/body text) into the agent’s tool result, which the agent then places into its LLM context.

Issues (3)

W007
HIGH

Insecure credential handling detected in skill instructions.

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jul 2, 2026, 04:52 AM
Issues
3
Security Audit — snyk — pp-printing-press-rich