skills/posthog/posthog-foss/adding-project-secret-api-key-auth/Snyk

adding-project-secret-api-key-auth

Fail

Audited by Snyk on Jun 24, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and requires embedding the project secret API key (phs_) verbatim in requests/commands (e.g., the curl Authorization header), which forces the LLM to handle/output secret values directly.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Jun 24, 2026, 06:17 PM

Issues

1

Security Audit — snyk — adding-project-secret-api-key-auth