portfolio-flow
Fail
Audited by Snyk on Jun 14, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill requires returning the default administrator account password verbatim after deployment (「默认密码: PortfolioFlow_{随机6位}」/“返回访问 URL + 默认管理员账号密码”), which forces the agent to handle and output a secret value directly.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 运行时 LLM 上下文会被“访客自由提问”注入:前台将用户输入的
question通过fetch('/api/assistant', {question: q})发送到templates/functions/api/assistant.js,该函数在answerWithAI()中把question拼进 DeepSeek prompt(访客的问题:${question})作为 LLM 输入。
MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
- Hidden Unicode characters detected (1 type(s) found)
Issues (3)
W007
HIGHInsecure credential handling detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W021
MEDIUMHidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
Audit Metadata