security-guide

Fail

Audited by Snyk on Jul 1, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt explicitly requires scanning files and environment variables for plaintext secrets and could cause the agent to read and display secret values (e.g., .env, environment vars, audit logs) verbatim in its output, creating an exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly instructs the agent to inspect and change system state (firewall rules, chmod sensitive files, run Docker containers, and offer an automated "/harden fix" flow), which includes actions that require elevated privileges and thus could modify or compromise the host system.

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

W013
MEDIUM

Attempt to modify system services in skill instructions.

Audit Metadata
Risk Level
HIGH
Analyzed
Jul 1, 2026, 10:04 PM
Issues
2
Security Audit — snyk — security-guide