tao-generate-referring-expressions
Fail
Audited by Snyk on Jun 23, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt instructs the assistant to collect API keys (e.g., Gemini/
api_key, OpenAI-compatibleapi_key) and to place them into config fields or command-line overrides, which requires handling and potentially emitting secret values verbatim in generated specs/commands.
Issues (1)
W007
HIGHInsecure credential handling detected in skill instructions.
Audit Metadata