pp-mercury
Fail
Audited by Snyk on May 15, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.80). The prompt explicitly documents an insecure pattern, "mercury-pp-cli auth set-token YOUR_TOKEN_HERE", which would require embedding an access token verbatim in a generated command (even though an env-var alternative is mentioned), creating an exfiltration risk.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly requires installing and running remote code at runtime via commands such as "npx -y @mvanhorn/printing-press install mercury --cli-only" and "go install github.com/mvanhorn/printing-press-library/library/payments/mercury/cmd/mercury-pp-cli@latest" (and the similar mercury-pp-mcp install), which fetch and execute external code and are required dependencies for the skill.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is a dedicated banking CLI for Mercury with explicit write/payment commands. It includes commands that move money or create payment instruments: "mercury-pp-cli transfer" (transfer funds between accounts), "recipients create" / "recipient update" (manage payment recipients), "cards create" (issue virtual cards), AR invoice creation/cancellation, and request-send-money workflows. The "workflow payment-plan" produces an executable payment command, and the CLI supports "--agent --yes" non-interactive execution, enabling autonomous execution of transfers/payments. This is specifically designed for financial operations and can send transactions.
Issues (3)
W007
HIGH Insecure credential handling detected in skill instructions.
W012
MEDIUM Unverifiable external dependency detected (runtime URL that controls agent).
W009
MEDIUM Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata