novu-connect-agent

Fail

Audited by Snyk on Jun 16, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to ask users to paste Slack App / Telegram bot tokens into chat (the "in_chat" fallback) and then include those secrets verbatim as environment variables and CLI flags (--slack-config-token / --telegram-bot-token), which requires the LLM to handle and output secret values directly.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill runs "npx novu@latest connect …" at runtime, which fetches and executes remote code from the npm registry (e.g. https://registry.npmjs.org/novu), and that remote CLI controls the Connect flow and outputs the handoff URLs the agent relies on, so this is a required runtime-executed external dependency.

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 16, 2026, 03:06 PM
Issues
2
Security Audit — snyk — novu-connect-agent