Skills
skills/yash-atreya/agentads/ad-creator/Snyk

ad-creator

Fail

Audited by Snyk on Mar 20, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). These URLs are suspicious because tempo.im/install.sh is a direct shell script download from an unvetted domain (piping remote scripts to sh is high-risk) and agentads.xyz is an untrusted, likely new .xyz domain used for ad/payment flows (potential phishing/typosquat) — together they represent a suspicious distribution vector for malware or fraud.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill's scripts call the public AgentAds API at https://agent-ads.yashatreya-ya.workers.dev (see scripts/submit_ad.js, scripts/check_stats.js, scripts/topup_ad.js) and the API docs explicitly expose a GET /ad/:id endpoint that returns raw ad markdown (user-submitted content), so the agent consumes untrusted, third-party content that can influence follow-up actions like top-ups and submissions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill requires installing the Tempo CLI via a runtime command that fetches and executes remote code ("curl -sSL https://tempo.im/install.sh | sh"), so https://tempo.im/install.sh is a required external script executed during setup and therefore poses execution risk.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly includes crypto payment and wallet operations: it requires Tempo CLI and a Tempo wallet login, uses tempo wallet whoami to obtain an address, and states "This costs $0.10 USDC via Tempo. The script handles the MPP payment flow automatically." It also exposes concrete scripts/commands that perform monetary actions: submit_ad.js (handles payment during submission) and topup_ad.js <ad_id> <amount_usd> to fund campaigns (with specified top-up ranges and USDC on Tempo mainnet). These are specific, purpose-built financial operations (crypto wallet payments and top-ups), not generic tooling.

Issues (4)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Mar 20, 2026, 02:06 AM
Issues
4