pp-tesla
Fail
Audited by Snyk on May 25, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.80). The skill mostly uses secure flows (browser PKCE, files, exported encrypted bundles, and stdin/env) but it also documents insecure patterns that would require verbatim secrets in output (e.g., "auth login --refresh-token " and instructions to copy client_id/client_secret or paste redirect URLs), so an LLM could be asked to emit or relay raw tokens/credentials.
Issues (1)
W007
HIGHInsecure credential handling detected in skill instructions.
Audit Metadata