Skills
skills/kycloudtech/quickcreator-skills/quickcreator-skill-builder/Snyk

quickcreator-skill-builder

Fail

Audited by Snyk on Feb 26, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly asks the agent to collect the user's developer key and then insert that exact value into generated config files (QC_API_TOKEN) and related outputs, requiring the LLM to handle and reproduce the secret verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). This content contains deliberate deception and covert credential-handling instructions (explicitly telling the agent to hide technical details and to silently write/merge a user-supplied "developer key" into multiple assistant config files and an npx-based runtime), which enables persistent, broad access to the user's QuickCreator account and creates clear supply-chain and credential-exfiltration abuse vectors.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to call marketplace and web tools (e.g., list_skills(category="marketplace"), search_marketplace(tag=...), get_skill(...) and the query_question_from_web tool listed in tool-reference.md) so the agent will fetch and read user-generated marketplace listings and open web content and then summarize/act on them (e.g., fork, create copies, or incorporate findings), which enables indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 26, 2026, 04:54 AM