skills/openhands/skills/bitbucket-data-center/Snyk

bitbucket-data-center

Fail

Audited by Snyk on Jun 24, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs embedding the BITBUCKET_DATA_CENTER_TOKEN (username:token) directly into curl commands and git remote URLs—requiring the agent to handle and output the secret verbatim, which is high-risk secret exfiltration.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Jun 24, 2026, 04:51 PM

Issues

1

Security Audit — snyk — bitbucket-data-center