skills/berriai/litellm-skills/update-mcp/Snyk

update-mcp

Fail

Audited by Snyk on Apr 3, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The prompt asks for/handles an auth token rotation and shows curl output with "credentials": "<new_token>", meaning the agent would need to accept and embed the secret verbatim in generated requests/commands, creating an exfiltration risk.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Apr 3, 2026, 10:35 PM

Issues

1