local-finetune

Fail

Audited by Snyk on Jun 20, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The pipeline ingests raw chat history (~/.claude/history.jsonl) and writes message content verbatim into the DB and exported JSONL training files without redaction, which will embed any API keys/tokens/passwords present in history into outputs and fine-tuning data.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.85). Runtime LLM context is fed from outsider-authored free text in claude_history via read_json('~/.claude/history.jsonl', ...) where display becomes content, and then training_candidates exports instruction/output into JSONL messages consumed by mlx_lm.lora.

Issues (2)

W007
HIGH

Insecure credential handling detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 20, 2026, 04:49 PM
Issues
2
Security Audit — snyk — local-finetune