skills/lum1104/understand-anything/understand-dashboard/Snyk

understand-dashboard

Fail

Audited by Snyk on Apr 26, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to capture the Vite server's access token (the ?token= value) from stdout and include the full tokenized URL in its response, which requires handling and outputting a secret verbatim.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Apr 26, 2026, 08:19 AM

Issues

1