skills/riba2534/feishu-cli/feishu-cli-bitable/Snyk

feishu-cli-bitable

Fail

Audited by Snyk on May 10, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill explicitly shows and instructs using base/app tokens as --base-token command-line arguments and copying tokens from URLs (embedding them verbatim in commands), which requires the LLM to handle/output secret values directly.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

May 10, 2026, 08:28 AM

Issues

1