skills/zackbart/skills/nanomdm/Snyk

nanomdm

Fail

Audited by Snyk on Mar 20, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill includes and encourages embedding API keys, passwords, and DSNs directly in commands and CLI flags (e.g., curl -u nanomdm:APIKEY, -storage-dsn user:pass, -api APIKEY), which requires the LLM to handle/output secrets verbatim and is high-risk.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Mar 20, 2026, 04:23 PM

Issues

1