skills/getcargohq/cargo-skills/cargo-storage/Snyk

cargo-storage

Fail

Audited by Snyk on May 13, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows using an API token as a command-line argument (cargo-ai login --token ), which instructs embedding a secret verbatim in commands and is an insecure pattern.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

May 13, 2026, 12:22 PM

Issues

1

Security Audit — snyk — cargo-storage