Skills
skills/ortus-boxlang/skills/bx-ai-chatting/Snyk

bx-ai-chatting

Fail

Audited by Snyk on Apr 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly demonstrates passing API keys as literal option values (e.g., apiKey: "sk-..."), instructing the agent to include credentials directly in generated code/commands, which is an insecure secret-handling pattern.

Issues (1)

W007
HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata
Risk Level
HIGH
Analyzed
Apr 15, 2026, 02:44 PM
Issues
1