skills/involvex/skills/mcp-configure/Snyk

mcp-configure

Fail

Audited by Snyk on Mar 26, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs obtaining an Azure access token and placing it verbatim into an Authorization: Bearer {token} header for API calls, which requires the LLM/agent to handle secret tokens directly and risks exfiltration.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Mar 26, 2026, 05:05 AM

Issues

1