Skills
skills/adaptationio/skrillz/railway-deployment/Snyk

railway-deployment

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt includes commands that set credentials inline (e.g., railway variables set --sealed DOCKER_PASSWORD=pass) and instructs copying/restoring variable values, which encourages embedding secret values verbatim in CLI commands or scripts, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill ingests and displays untrusted third‑party content—e.g., deploying from GitHub repos and public Docker images and reading runtime output and HTTP responses via commands like railway add --repo owner/repository, railway add --image ..., railway logs --deployment, and curl https://your-service.railway.app/health—so the agent would read/interpret arbitrary user-generated content that could carry indirect prompt injections.
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 01:15 AM