Skills
skills/enuno/claude-command-and-control/FastMCP Development/Snyk

FastMCP Development

Fail

Audited by Snyk on Feb 14, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt contains multiple examples and instructions that embed secrets verbatim (e.g., --env API_KEY=your_key, JSON config with "API_KEY": "your_value", BearerAuth(token="your-api-token"), and OAuth client_secret fields), which encourages the LLM to place actual API keys/tokens/passwords directly into generated commands/config/code.
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 14, 2026, 04:48 PM