check-airport-delays
Fail
Audited by Snyk on Jul 8, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill includes a literal API key example (wm_0123456789abcdef0123456789abcdef01234567) and mandates supplying an X-WorldMonitor-Key header, which encourages embedding a secret value verbatim in requests/outputs.
HIGH W008: Secret detected in skill content (API keys, tokens, passwords).
- Secret detected (high risk: 1.00). The document contains a high-entropy, literal API key: "wm_0123456789abcdef0123456789abcdef01234567" (line shows a full key prefixed with "wm_"). This looks like a real, usable server-to-server API key (not a placeholder like YOUR_API_KEY or truncated/redacted), so it should be treated as a secret and flagged.
Issues (2)
W007
HIGHInsecure credential handling detected in skill instructions.
W008
HIGHSecret detected in skill content (API keys, tokens, passwords).
Audit Metadata