pp-oura

Fail

Audited by Snyk on Jun 22, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). This skill's examples and instructions explicitly show placing an OAuth bearer token into command-line arguments and HTTP headers (e.g., curl -H "Authorization: Bearer YOUR_TOKEN_HERE" and oura-pp-cli auth set-token YOUR_TOKEN_HERE), which would force an agent/LLM to handle and potentially emit secrets verbatim.

Issues (1)

W007
HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 22, 2026, 03:57 PM
Issues
1
Security Audit — snyk — pp-oura