skills/prefactordev/typescript-sdk/desloppify/Snyk

desloppify

Fail

Audited by Snyk on May 1, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The review/import workflow explicitly requires including the generated "session" object (including "token") from the external template in the JSON --external-submit payload, which forces the agent to copy a session token verbatim into its output.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

May 1, 2026, 05:52 PM

Issues

1