Skills
skills/op7418/claude-to-im-skill/claude-to-im/Snyk

claude-to-im

Fail

Audited by Snyk on Mar 10, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to collect user API tokens/secrets via AskUserQuestion and to write them into ~/.claude-to-im/config.env and run token-validation commands (which require embedding the secret), forcing the LLM to handle and include secrets verbatim in tool/command outputs despite masking in user-facing displays.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's core workflow explicitly forwards and processes messages from third-party IM platforms (README.md: "Messages from IM are forwarded to the AI coding agent") and performs live API calls to public platform endpoints for token validation (references/token-validation.md shows curl calls to Telegram/QQ/Feishu), so the agent will ingest untrusted user-generated content from Telegram/Discord/Feishu/QQ that can directly influence tool use and next actions.
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 10, 2026, 11:52 AM