novu-framework-integration

Fail

Audited by Snyk on May 11, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt includes examples that instruct embedding secret values verbatim in commands and URLs (e.g., npx novu init --secret-key=<YOUR_NOVU_SECRET_KEY>, passing a bypass token in the bridge URL), which requires the agent to handle/output secrets directly and is a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly documents runtime HTTP fetches to arbitrary external URLs (e.g., step.http examples using https://api.example.com and payload.webhookUrl and step.custom fetch() calls in SKILL.md and references/workflow-and-steps.md), which the agent is expected to parse/interpret and whose response data can be referenced by subsequent steps, so untrusted third‑party content can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.70). Novu Cloud calls your Bridge URL at runtime (examples: https://.novu.sh/api/novu or your deployed bridge like https://api.acme.com/api/novu) to fetch workflow/step content (subject/body/etc.), so these external URLs are required at runtime and directly control the notifications the system sends.

Issues (3)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
HIGH
Analyzed
May 11, 2026, 03:50 PM
Issues
3
Security Audit — snyk — novu-framework-integration