Skills
skills/lkrdev/looker-embed-skills/conversational-analytics-api/Snyk

conversational-analytics-api

Fail

Audited by Snyk on Apr 17, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt instructs embedding OAuth client_id/client_secret credentials directly into SDK request objects (e.g., passing credentials into DataAgentContext/ChatRequest), which requires including secret values verbatim in generated code/requests and poses an exfiltration risk.

Issues (1)

W007
HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata
Risk Level
HIGH
Analyzed
Apr 17, 2026, 12:22 AM
Issues
1