pp-contact-goat
Fail
Audited by Snyk on May 23, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly tells the agent to ask the user for API keys and embed them verbatim in commands (e.g.,
claude mcp add -e DEEPLINE_API_KEY=value -e HAPPENSTANCE_API_KEY=valueand--deepline-keyon the CLI), which requires the LLM to handle and output secret values directly.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill invokes the contact-goat CLI to query and ingest live data from untrusted third-party sources (LinkedIn profiles, Happenstance public API via the "Two Auth Surfaces"/"Notable Commands" and Deepline + provider chain like Apollo/Hunter/Dropleads in "Enrichment Preflight"), and the agent is expected to parse that JSON (--agent mode) and act on it, so external content could materially influence decisions and enable indirect prompt injection.
Issues (2)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata