ops
Fail
Audited by Snyk on Jun 16, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.90). The prompt requires the agent to display credential/token "value" fields verbatim once at creation and to use an IMS_TOKEN in Authorization headers (even though stored as env/file), so the agent will sometimes handle and output secret values directly — creating exfiltration risk.
Issues (1)
W007
HIGHInsecure credential handling detected in skill instructions.
Audit Metadata