skills/rajivpant/synthesis-skills/synthesis-response-merger/Snyk

synthesis-response-merger

Fail

Audited by Snyk on Apr 22, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill mandates preserving every detail and merging prompt-response inputs verbatim, which would force the LLM to reproduce any embedded secrets (API keys, tokens, passwords) from those inputs, creating a clear exfiltration risk.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Apr 22, 2026, 02:04 PM

Issues

1