skills/cinience/alicloud-skills/aliyun-openclaw-setup-test/Snyk

aliyun-openclaw-setup-test

Fail

Audited by Snyk on May 9, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 0.80). The test instructs the agent to read config files and save command outputs (e.g., checking ~/.openclaw/openclaw.json and verifying Discord token or env var), which can require exposing API keys/bot tokens verbatim in generated outputs or logs.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

May 9, 2026, 06:55 PM

Issues

1