skills/even-realities/everything-evenhub/background-state/Snyk

background-state

Fail

Audited by Snyk on Apr 26, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill reads plugin source files and outputs modified source code verbatim (inserting state calls), so if those files contain API keys, tokens, or passwords the LLM would be required to handle and reproduce those secret values unabashedly, creating a high exfiltration risk.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Apr 26, 2026, 09:55 PM

Issues

1

Security Audit — snyk — background-state