appwrite-kotlin

The skill presents a coherent Appwrite Kotlin SDK usage pattern for both client and server contexts, including authentication, database, storage, and SSR flows. However, the footprint includes sensitive credential handling (API keys via environment variables, admin-facing endpoints) and session cookies that, if misused or exposed in logs, could lead to credential leakage. The presence of admin API key usage in code samples and environment-based secrets elevates security risk beyond a fully client-side SDK demo. Overall, the skill is CHECKED as SUSPICIOUS due to credential exposure risk and potential over-permission usage, though not explicitly malicious in intent. Recommend restricting admin API key usage to secure server environments, clearly labeling samples as server-only and avoiding embedding keys or tokens in client-visible code, and ensuring all logs, error messages, and previews do not leak secrets.