Skills
skills/zhanlincui/auto-evolution-agent-skills/auto-evolution/Snyk

auto-evolution

Fail

Audited by Snyk on Apr 14, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill's hooks explicitly capture raw tool inputs and outputs (e.g., bash commands) into memory and reports, which can include API keys, tokens, or passwords verbatim and later surface them in retrospectives, dashboards, or generated skill drafts.

Issues (1)

W007
HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata
Risk Level
HIGH
Analyzed
Apr 14, 2026, 02:16 PM
Issues
1
Security Audit — snyk — auto-evolution