Skills
skills/op7418/claude-to-im-skill/claude-to-im/Snyk

claude-to-im

Fail

Audited by Snyk on Mar 24, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill explicitly asks the agent to collect API tokens/secrets from the user and then write them into ~/.claude-to-im/config.env and run validation commands, which requires the LLM to include secret values verbatim in file contents and tool/command outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly forwards messages from open/public IM platforms (Telegram, Discord, Feishu/Lark, QQ) to the Claude agent (see SKILL.md and README: "Messages from IM are forwarded to the AI coding agent"), and those user-generated, untrusted messages can trigger tool use (and even be auto-approved via CTI_AUTO_APPROVE), so third‑party content is read and can materially influence agent actions.

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
HIGH
Analyzed
Mar 24, 2026, 02:38 PM
Issues
2