expect-test
Fail
Audited by Snyk on May 5, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt includes a hard-coded API key value (IMGBB_API_KEY="${IMGBB_API_KEY:-006dfde8d5037a1e366db2bb24e915d3}") and example curl commands that would embed it verbatim, which forces the agent to handle/output a secret-like string directly.
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.70). These are a mix of legitimate services (GitHub, imgbb) and an ephemeral HTML host (here.now) that can all host arbitrary files or active JavaScript — which is fine for trusted publishers but can be used to distribute executables or malicious HTML/JS from unknown or typosquatted accounts/releases, so they present a moderate-to-high risk if the source is not verified.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill's setup step runs "npm install -g expect-cli@latest", which fetches and executes remote code from the npm registry (e.g., https://registry.npmjs.org/expect-cli) and is a required runtime dependency for the skill.
HIGH W008: Secret detected in skill content (API keys, tokens, passwords).
- Secret detected (high risk: 1.00). I scanned the full skill prompt for literal, high-entropy credential values.
Flagged:
- The IMGBB API key default in the imgbb upload snippet: IMGBB_API_KEY="${IMGBB_API_KEY:-006dfde8d5037a1e366db2bb24e915d3}". This is a 32-character hex-like string (high entropy) and appears to be an actual, hardcoded API key value in a runnable example — therefore it should be treated as a secret.
Ignored / not flagged:
- Environment variable names (e.g., EXPECT_REPLAY_OUTPUT_PATH, IMGBB_API_KEY as a variable name, NO_TELEMETRY) — these are names only, not secret values.
- Template/placeholders and obvious examples (e.g., $HOME/{{TOOL_DIR}}, OWNER/REPO, TAG, PR, SESSION_ID, https://{slug}.here.now/{SESSION_ID}.html) — documentation placeholders.
- Simple/low-entropy values (e.g., NO_TELEMETRY=1) and commands/samples — not secrets.
Conclusion: one real high-entropy secret literal was found (the imgbb API key).
Issues (4)
W007
HIGH: Insecure credential handling detected in skill instructions.
E005
CRITICAL: Suspicious download URL detected in skill instructions.
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
W008
HIGH: Secret detected in skill content (API keys, tokens, passwords).
Audit Metadata