skills/atlanhq/application-sdk/upgrade-v3/Snyk

upgrade-v3

Fail

Audited by Snyk on May 11, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The prompt explicitly tells the agent to read credentials from .env (API_KEY_ID, API_SECRET, etc.) and insert them into curl commands / JSON payloads (verbatim placeholders like "<API_KEY_ID>" / "<API_SECRET>"), which requires the LLM to output secret values directly.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

May 11, 2026, 05:21 AM

Issues

1