Skills
skills/saschabrunnerch/arcgis-maps-sdk-js-ai-context/arcgis-rest-services/Snyk

arcgis-rest-services

Fail

Audited by Snyk on Apr 17, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples that assign API keys/tokens directly in code (esriConfig.apiKey = "YOUR_API_KEY"; esriId.registerToken({ token: "YOUR_TOKEN" })), which would require the LLM to embed secret values verbatim in generated output and thus poses a secret-exfiltration risk.

Issues (1)

W007
HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata
Risk Level
HIGH
Analyzed
Apr 17, 2026, 05:15 AM
Issues
1
Security Audit — snyk — arcgis-rest-services