ollygarden-insight-remediation
Fail
Audited by Snyk on May 18, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to ask for, read, store, and embed API keys (examples like og_sk_..., and curl -H "Authorization: Bearer $KEY") into commands/files, which requires handling secret values verbatim and risks exfiltration.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches insights and the
remediation_instructionsfrom the external OllyGarden API (e.g., https://api.ollygarden.cloud/api/v1/services/{id}/insights) and the SKILL.md workflow requires quoting and strictly following those API-provided instructions to make code changes, so untrusted third-party content can directly drive agent actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly fetches remediation_instructions at runtime from https://api.ollygarden.cloud (e.g., https://api.ollygarden.cloud/api/v1/services and https://api.ollygarden.cloud/api/v1/services/{id}/insights, and also references https://api.ollygarden.cloud/llms.txt) and requires the agent to quote and follow those remote instructions, so fetched content directly controls agent behavior.
Issues (3)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata