skills/laststance/skills/auto/Snyk

auto

Fail

Audited by Snyk on May 15, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 0.90). The skill explicitly stores and then emits the user's "objective" verbatim (into .claude/auto.json and into the pursuit-mode output), so any secret the user places as the objective would be copied into files and LLM output — enabling secret exfiltration.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

May 15, 2026, 03:28 AM

Issues

1

Security Audit — snyk — auto