skills/l3digital-net/claude-code-plugins/curl-wget/Snyk

curl-wget

Fail

Audited by Snyk on Mar 18, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 0.80). The prompt includes examples that embed credentials directly in commands (e.g., curl -u username:password and Authorization: Bearer TOKEN), which encourages the LLM to output secret values verbatim if user-provided, creating exfiltration risk.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Mar 18, 2026, 01:37 PM

Issues

1

Security Audit — snyk — curl-wget