uapi-post-text-aes-decrypt-advanced

Fail

Audited by Snyk on Jun 16, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The skill entails calling an AES decryption endpoint and explicitly mentions supplying a UAPI Key (and implicitly an AES key/params) which the agent may need to embed verbatim in requests or generated commands, and it does not mandate secure patterns (env vars/CLI-managed auth), creating an exfiltration risk.

Issues (1)

W007
HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 16, 2026, 06:31 PM
Issues
1
Security Audit — snyk — uapi-post-text-aes-decrypt-advanced