skills/buildbetter-app/bb-skills/generate-tests/Snyk

generate-tests

Fail

Audited by Snyk on Apr 7, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to read credentials from project memory (reference_local_auth.md) and create a .env.test.local containing BB_TEST_EMAIL and BB_TEST_PASSWORD, which requires emitting the secret values verbatim into generated files, constituting direct secret handling/exfiltration risk.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Apr 7, 2026, 04:22 PM

Issues

1