pp-clickup
Warn
Audited by Snyk on Jun 24, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). The skill is a CLI wrapper around
clickup-pp-cliand, at runtime, it can ingest ClickUp workspace content (e.g., tasks/comments/pages) returned by the ClickUp API into the agent’s JSON output/context; that content is authored by ClickUp users other than the operating user, making it outsider free text that the agent may read.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill's prerequisites include running remote installers that fetch and execute code at runtime (e.g., "npx -y @mvanhorn/printing-press-library install clickup --cli-only" and the Go install path github.com/mvanhorn/printing-press-library/library/project-management/clickup/cmd/clickup-pp-cli@latest), so the go module URL github.com/mvanhorn/printing-press-library/library/project-management/clickup/cmd/clickup-pp-cli@latest is a runtime external dependency that executes remote code.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata