printing-press-amend

Fail

Audited by Snyk on May 17, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill explicitly records and displays verbatim "evidence" from session transcripts and user asks (including hand-rolled API payloads and Authorization/Cookie/X-API-Key headers) at the scope-confirmation step before the PII-scrub phase, so the LLM may be required to handle and emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's sniff subroutine (Phase 1 1b.i) explicitly runs crowd-sniff which queries public sources (npm SDKs and GitHub code search) and optionally runs browser-sniff against a user-provided site/HAR, ingests those third‑party discoveries into findings, and then the agent uses those findings to plan and perform code/PR changes—exposing it to untrusted, user-generated web content that can influence actions.

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
HIGH
Analyzed
May 17, 2026, 09:42 PM
Issues
2
Security Audit — snyk — printing-press-amend