skills/salvo-rs/salvo-skills/salvo-database/Snyk

salvo-database

Fail

Audited by Snyk on Apr 13, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The prompts include hardcoded database connection strings like "postgres://user:pass@localhost/db" (credentials embedded in code), which instructs embedding secret values verbatim in outputs and thus poses a high exfiltration risk.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Apr 13, 2026, 06:49 AM

Issues

1