fraudshield-knowledge-graph-empowered
Fail
Audited by Snyk on Jun 22, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.90). The skill explicitly requires preserving and outputting exact text spans (URLs, emails, phone numbers, domain names and other original text) and wraps them into augmented XML/evidence output, so any secrets or credentials present in the input would be reproduced verbatim and thus risk exfiltration.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The skill’s runtime workflow takes the user-provided input text (e.g., an email/message/document from a third party) and passes it through an LLM for keyword extraction, so any outsider-authored free text in that input can be ingested into the agent’s LLM context (indirect prompt-injection risk via the extraction/augmentation steps).
Issues (2)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata