skills/grandcamel/confluence-assistant-skills/confluence-jira/Snyk

confluence-jira

Fail

Audited by Snyk on May 3, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill explicitly documents and demonstrates passing API credentials as command-line flags (e.g., --jira-token your-api-token) and allows providing explicit JIRA credentials, which encourages the agent to accept and emit secret values verbatim in commands/outputs.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

May 3, 2026, 07:14 PM

Issues

1

Security Audit — snyk — confluence-jira