super-extract

Fail

Audited by Snyk on Apr 16, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The skill mandates emitting exact verbatim substrings from source documents (extraction_text in JSON and highlighted HTML), so if a document contains secrets (API keys, tokens, passwords) the LLM will be forced to output them verbatim, creating a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and ingests documents from arbitrary URLs (see "Step 0: If the source is a URL to a PDF, first download it" and the use of pdf/docx skills to extract text), meaning untrusted third‑party content is read and interpreted as part of the extraction workflow and can change extraction/processing decisions.

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
HIGH
Analyzed
Apr 16, 2026, 05:39 PM
Issues
2
Security Audit — snyk — super-extract