skills/nweii/agent-stuff/things-mac/Snyk

things-mac

Fail

Audited by Snyk on May 8, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 0.90). The prompt explicitly shows and encourages passing an auth token as a command-line argument (e.g., --auth-token <TOKEN>) and includes examples with token placeholders, which encourages the LLM to embed secret values verbatim in generated commands/outputs.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

May 8, 2026, 10:00 PM

Issues

1

Security Audit — snyk — things-mac