Skills
skills/fabioc-aloha/windowswidget/Gamma Presentations Skill/Snyk

Gamma Presentations Skill

Fail

Audited by Snyk on Mar 10, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt contains multiple examples that embed API keys directly (e.g., curl with X-API-KEY: sk-gamma-xxx and code that injects apiKey into request headers) which encourages the LLM to include secret values verbatim in generated commands/requests, creating an exfiltration risk even though an env var is mentioned.
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 10, 2026, 03:55 AM