pp-mercury

Fail

Audited by Snyk on May 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The prompt explicitly documents an insecure pattern, "mercury-pp-cli auth set-token YOUR_TOKEN_HERE", which would require embedding an access token verbatim in a generated command (even though an env-var alternative is mentioned). A token placed on the command line is exposed to shell history, process listings and the agent's own transcripts and logs, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). The skill explicitly requires installing and running remote code at runtime via commands such as "npx -y @mvanhorn/printing-press install mercury --cli-only" and "go install github.com/mvanhorn/printing-press-library/library/payments/mercury/cmd/mercury-pp-cli@latest" (and the similar mercury-pp-mcp install), which fetch and execute external code and are required dependencies for the skill. Because neither command pins a version, the code actually executed is resolved at install time, can differ between runs and cannot be reviewed in advance.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is a dedicated banking CLI for Mercury with explicit write/payment commands. It includes commands that move money or create payment instruments: mercury-pp-cli transfer (transfer funds between accounts), recipients create/recipient update (manage payment recipients), cards create (issue virtual cards), AR invoice creation/cancellation, and request-send-money workflows. The "workflow payment-plan" produces an executable payment command, and the CLI supports --agent --yes non-interactive execution, so transfers and payments can run autonomously without a human confirmation step. The skill is specifically designed for financial operations and can send transactions.
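The three findings above describe patterns that can be checked mechanically before a skill is installed. The following is an added example written for this page, not code from Snyk or from the printing-press project: a small Python linter that reads a skill's instruction text and reports the W007, W012 and W009 patterns the audit describes. The sample inputs are constructed from the commands the audit quotes, with real arguments omitted; MERCURY_TOKEN, the version tags in the hardened sample, and the list of money-moving subcommands are assumptions for illustration, not values documented by the project.

```python
"""Static checks over an agent-skill instruction file for the three warning
classes in the audit above: W007 credential literals, W012 runtime code
fetch, W009 money-moving commands. Added example, not the project's code."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    rule: str       # W007 / W012 / W009, matching the audit's rule ids
    severity: str   # HIGH / MEDIUM
    line_no: int
    detail: str


# W007: `auth set-token` followed by a literal rather than a shell variable
# reference. "$VAR", '$VAR' and ${VAR} pass; anything else is a literal.
CRED_LITERAL = re.compile(r"\bauth\s+set-token\s+(?P<arg>\S+)")
VAR_REF = re.compile(r"""^["']?\$\{?[A-Za-z_][A-Za-z0-9_]*\}?["']?$""")

# W012: commands that download and execute code when the skill is used.
RUNTIME_FETCH = {
    "npx": re.compile(r"\bnpx\s+(?:-y|--yes)\s+(?P<pkg>\S+)"),
    "go install": re.compile(r"\bgo\s+install\s+(?P<pkg>\S+)"),
    "curl|sh": re.compile(r"\bcurl\b[^|\n]*\|\s*(?:sudo\s+)?(?:ba)?sh\b"),
}

# W009: subcommands the audit names as moving money or creating payment
# instruments. Assumed spellings taken from the audit text; a real deployment
# would maintain this list from the CLI's own documentation.
MONEY_SUBCOMMANDS = ("transfer", "recipients create", "recipient update", "cards create")
NONINTERACTIVE = re.compile(r"(?=.*--agent\b)(?=.*--yes\b)")
SEVERITY_ORDER = {"HIGH": 2, "MEDIUM": 1}


def pinned(pkg: str) -> bool:
    """True if a package spec carries an explicit version other than @latest.
    '@scope/name' (leading @ only) and 'name' are unpinned."""
    name, sep, version = pkg.rpartition("@")
    return bool(sep) and name != "" and version != "latest"


def lint_skill(text: str, cli: str = "mercury-pp-cli") -> list[Finding]:
    """Scan instruction text line by line; shell comments and markdown
    headings (lines starting with '#') are skipped."""
    findings: list[Finding] = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = CRED_LITERAL.search(line)
        if m and not VAR_REF.match(m.group("arg")):
            findings.append(Finding("W007", "HIGH", no,
                                    f"token literal on command line: {m.group('arg')}"))
        for kind, rx in RUNTIME_FETCH.items():
            m = rx.search(line)
            if m:
                pkg = m.groupdict().get("pkg") or ""
                pin = "pinned" if pkg and pinned(pkg) else "unpinned"
                findings.append(Finding("W012", "MEDIUM", no,
                                        f"{kind} fetches code at runtime ({pin}): {pkg or line}"))
        for sub in MONEY_SUBCOMMANDS:
            if re.search(rf"\b{re.escape(cli)}\s+{re.escape(sub)}\b", line):
                auto = bool(NONINTERACTIVE.search(line))
                # Escalation to HIGH for --agent --yes is this check's choice;
                # the audit rates W009 as MEDIUM overall.
                findings.append(Finding("W009", "HIGH" if auto else "MEDIUM", no,
                                        f"money-moving command '{sub}'"
                                        + (" run non-interactively (--agent --yes)" if auto else "")))
    return findings


def risk_level(findings: list[Finding]) -> str:
    """Overall level, mirroring the audit's summary: highest severity seen."""
    if not findings:
        return "NONE"
    return max(findings, key=lambda f: SEVERITY_ORDER[f.severity]).severity


# Constructed excerpt in the shape of the audited skill's instructions; the
# commands are those quoted in the audit, with real arguments omitted.
AUDITED_SKILL = """\
# Setup
npx -y @mvanhorn/printing-press install mercury --cli-only
go install github.com/mvanhorn/printing-press-library/library/payments/mercury/cmd/mercury-pp-cli@latest
mercury-pp-cli auth set-token YOUR_TOKEN_HERE
# Usage
mercury-pp-cli transfer --agent --yes
mercury-pp-cli cards create
"""

# Constructed hardened variant. MERCURY_TOKEN and the version tags are
# assumptions for illustration, not values documented by the project.
HARDENED_SKILL = """\
npx -y @mvanhorn/printing-press@1.0.0 install mercury --cli-only
go install github.com/mvanhorn/printing-press-library/library/payments/mercury/cmd/mercury-pp-cli@v1.0.0
mercury-pp-cli auth set-token "$MERCURY_TOKEN"
mercury-pp-cli transfer
"""

if __name__ == "__main__":
    for label, text in (("audited", AUDITED_SKILL), ("hardened", HARDENED_SKILL)):
        found = lint_skill(text)
        print(f"{label}: risk {risk_level(found)}")
        for f in found:
            print(f"  line {f.line_no} {f.rule} {f.severity}: {f.detail}")
```

Pinning removes the "unpinned" qualifier but still leaves a W012 finding, which is the correct reading of the audit: a pinned `go install` or `npx -y` is reproducible and reviewable, but it is still remote code executed at install time. The W009 finding likewise persists in the hardened variant; the point of that check is not to remove money-moving commands from a banking skill but to surface them, and to escalate when the instructions pair them with non-interactive execution.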

Issues (3)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: HIGH
Analyzed: May 15, 2026, 08:04 PM
Issues: 3