printing-press-amend
Fail
Audited by Snyk on May 17, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly records and displays verbatim "evidence" from session transcripts and user asks (including hand-rolled API payloads and Authorization/Cookie/X-API-Key headers) at the scope-confirmation step before the PII-scrub phase, so the LLM may be required to handle and emit secret values verbatim.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's sniff subroutine (Phase 1 1b.i) explicitly runs crowd-sniff which queries public sources (npm SDKs and GitHub code search) and optionally runs browser-sniff against a user-provided site/HAR, ingests those third‑party discoveries into findings, and then the agent uses those findings to plan and perform code/PR changes—exposing it to untrusted, user-generated web content that can influence actions.
Issues (2)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata