skills/odyssey4me/agent-skills/google-calendar/Snyk

google-calendar

Fail

Audited by Snyk on May 15, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill instructs storing OAuth client_id/client_secret in plaintext YAML and shows usage of an --client-secret command-line flag (embedding secrets verbatim in files/commands), which is an insecure exfiltration pattern.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

May 15, 2026, 02:33 AM

Issues

1