releasenotes
Fail
Audited by Snyk on Jul 2, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.80). The prompt requires the agent to run git to read and normalize the remote URL and then include that repo URL in the final output; if the remote URL contains embedded credentials or tokens (e.g., HTTPS with username:token), the model would be forced to output those secrets verbatim.
Issues (1)
W007
HIGHInsecure credential handling detected in skill instructions.
Audit Metadata