skills/inselfcontroll/ai-agent-skills/workos/Snyk

workos

Fail

Audited by Snyk on May 5, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill explicitly requests "WorkOS Client ID, API Key" as inputs and produces code/handlers, which encourages the agent to accept and embed secret values verbatim rather than using environment-based or tool-managed auth, creating an exfiltration risk.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

May 5, 2026, 01:35 AM

Issues

1