skills/surrealdb/agent-skills/surrealdb-python/Snyk

surrealdb-python

Fail

Audited by Snyk on Apr 11, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The prompt includes plaintext credentials and example passwords embedded directly in commands and Python code (e.g., -u root -p root and db.signin({"username":"root","password":"root"})), which instructs the agent to output secret values verbatim.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Apr 11, 2026, 05:03 PM

Issues

1

Security Audit — snyk — surrealdb-python