skills/aradotso/codex-skills/codex-cli-delegation/Snyk

codex-cli-delegation

Fail

Audited by Snyk on May 19, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 0.90). The skill includes explicit examples that show and instruct setting API secrets directly (e.g., export OPENAI_API_KEY=sk-... and using sk-... in commands), which encourages embedding secret values verbatim in commands or outputs and thus poses a high exfiltration risk.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

May 19, 2026, 12:56 AM

Issues

1