totp
Fail
Audited by Snyk on Mar 4, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to create, store, and display Base32 TOTP secrets, otpauth URIs, and current codes in its outputs, which requires the LLM to include secret values verbatim and thus poses direct exfiltration risk.
Audit Metadata