agently-mail
Fail
Audited by Snyk on Jun 12, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). Insecure: the skill explicitly requires extracting opaque URLs (the OAuth authorization URL and download_url) from CLI output and forwarding them verbatim. These URLs may contain sensitive tokens or presigned credentials, so the LLM must handle and output secret-like values exactly as returned.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
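- Third-party content exposure detected (high risk: 0.85). At runtime the skill calls agently-cli message +read/+search to fetch email "subject/body/attachment metadata". The email body and content are free text written by an external third party (the email sender) and enter the agent context as readable text.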
MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
- Hidden Unicode characters detected (1 type(s) found)
Issues (3)
W007
HIGH Insecure credential handling detected in skill instructions.
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
W021
MEDIUM Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
Audit Metadata