Fail
Audited by Snyk on Mar 2, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed plaintext passwords in command-line arguments (e.g., qpdf --password=mypassword) and in code (writer.encrypt("用户密码", ...)), which instructs including secret values verbatim and is an exfiltration risk.
Audit Metadata