dot-skill

Fail

Audited by Snyk on Jun 2, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly asks for app_id/app_secret, OAuth codes and access tokens and shows examples that place those secrets verbatim into command-line flags and Authorization headers (e.g., --user-token {user_access_token}, Header: Authorization: Bearer {app_access_token}), requiring the agent to handle/output secret values directly, which is high-risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.95). Runtime path: the skill’s Feishu auto-collector (tools/feishu_auto_collector.py) fetches outsider-authored Feishu messages/docs/Wiki content from other users’ accounts via Feishu APIs, then writes readable prose into knowledge/{slug}/messages.txt and docs.txt which are later ingested by the LLM for analysis.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).


MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

  • Hidden Unicode characters detected (1 type(s) found)

Issues (4)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

W021
MEDIUM

Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 2, 2026, 07:14 AM
Issues
4
Security Audit — snyk — dot-skill