bankr-signals
Fail
Audited by Snyk on Mar 1, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt shows API keys placed directly into config files and used verbatim in curl headers (e.g., X-API-Key: bk_YOUR_KEY and API_KEY="bk_YOUR_KEY"), which requires the agent/LLM to handle and emit secret values in generated commands and outputs, creating an exfiltration risk.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's required heartbeat and integration steps (HEARTBEAT.md and SKILL.md) instruct the agent to poll public endpoints such as https://bankrsignals.com/api/feed and https://bankrsignals.com/api/leaderboard to read other providers' signals (user-generated, public content) and to use those signals to make copy-trading and other decision/actions, which clearly lets untrusted third-party content influence the agent's behavior.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs agents at runtime to "Fetch https://bankrsignals.com/heartbeat.md and follow it", meaning remote content at that URL would be fetched during execution and directly control agent instructions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly built around on-chain crypto trading: it provisions wallets, exposes an Agent API key (bk_...) and a synchronous signing endpoint (https://api.bankr.bot/agent/sign) for EIP-191 signatures, and documents workflows for registering providers, publishing trade signals (including tx hashes, collateralUsd, leverage) and closing positions. It also references a "Sign & Submit API" and leverage trading docs. These are specific crypto wallet and signing capabilities (wallet provisioning plus signing/submission) intended for trading, not generic tooling, so the skill grants direct financial execution authority.
Audit Metadata