lucid-client-api

Fail

Audited by Snyk on Mar 5, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The skill includes endpoints and examples that require embedding secret values (e.g., create/get/update secret bodies and payment signature/response headers) directly into generated HTTP requests, which would force the LLM to handle and potentially output secrets verbatim, creating exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill calls public endpoints such as GET /agent/{slug} and GET /agents/{agentId}/.well-known/agent-card.json (noted in SKILL.md) and the runtime "builds agents dynamically from stored definitions," meaning unauthenticated, user-provided agent manifests can be fetched and interpreted at runtime and thus could inject instructions that influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill explicitly fetches agent manifests at runtime from the API endpoint GET /agents/{agentId}/.well-known/agent-card.json (e.g., http://localhost:8787/agents/{agentId}/.well-known/agent-card.json or via VITE_API_URL), and those manifests are used to dynamically build agent behavior/prompts, so remote content directly controls prompts and is a required runtime dependency.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly implements payment handling and wallet-related configuration: agent creation includes paymentsConfig and walletsConfig; the Payment Handling section describes 402 responses with X-Payment-Price, X-Payment-Network (e.g., eip155:84532) and X-Payment-PayTo (0x...), references completing payment via an x402 client, and shows retrying requests with PAYMENT-REQUIRED, PAYMENT-SIGNATURE, and PAYMENT-RESPONSE headers. These details describe crypto/payment transaction signing and submission (HTTP-native payments), i.e., concrete financial execution capabilities rather than generic API access.
Audit Metadata

Risk Level: HIGH
Analyzed: Mar 5, 2026, 06:20 PM