pp-metacritic

Fail

Audited by Snyk on Jun 20, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). This prompt includes explicit examples that embed an API key in CLI arguments (e.g., --api-key your-token-here) and instructs exporting METACRITIC_API_KEY or saving keys in profiles, which can cause an agent to include user secrets verbatim in commands or outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). The skill is a read-only Metacritic “Printing Press CLI” that fetches public web content from Metacritic’s backend (e.g., title detail, reviews, search) at runtime; those responses are ingested as readable JSON/text into the agent’s LLM context via the CLI’s --agent/--json stdout output.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill's setup requires running remote-install commands that fetch and execute code at runtime — e.g., "npx -y @mvanhorn/printing-press-library install metacritic --cli-only" and "go install github.com/mvanhorn/printing-press-library/library/media-and-entertainment/metacritic/cmd/metacritic-pp-cli@latest" — which are external runtime dependencies that execute remote code.

Issues (3)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 20, 2026, 08:21 AM
Issues
3
Security Audit — snyk — pp-metacritic