structured-prompt-writer

Fail

Audited by Snyk on Jun 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

  • Secret detected (high risk: 1.00). I scanned the entire skill content for literal, high-entropy values that could function as credentials.

I found one high-entropy string that appears to be an actual secret-like token:

  • rtoigfvb3nmk5liu6ytrf7ghjku1ytr8ygky0tfcvbjy This appears inside the (A.I. Bestie) persona instructions as a quoted trigger/key. It is long, random-looking, and not a placeholder (not written as YOUR_KEY, sk-xxxx, etc.), so it meets the definition of a secret (high-entropy literal value).

Other values in the docs (URLs, email addresses, flight numbers, filenames, model names, short words like "Brick", "Princess", or example passwords) are either low-entropy, obvious placeholders, or functional documentation strings and are therefore ignored per your rules. No PEM/RSA blocks or sk-live/... style API keys were found.

Issues (1)

W008
HIGH

Secret detected in skill content (API keys, tokens, passwords).

Audit Metadata
Risk Level
HIGH
Analyzed
Jun 15, 2026, 01:34 PM
Issues
1
Security Audit — snyk — structured-prompt-writer