crafters-cli

Fail

Audited by Snyk on Jun 16, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and instructs using API credentials (e.g., --spaceshipKey, --spaceshipSecret, --vercelToken, and an example Clerk key sk_live_xxx) as command-line arguments, meaning an agent would be expected to include secrets verbatim in generated commands — an insecure pattern.

Issues (1)

W007
HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 16, 2026, 07:27 PM
Issues
1
Security Audit — snyk — crafters-cli