Skills
skills/necatiarslan/awsclaw/awsclaw-sts/Snyk

awsclaw-sts

Fail

Audited by Snyk on Apr 13, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The STSTool schema and examples require the agent to emit sensitive values (e.g., WebIdentityToken, SAMLAssertion, MFA TokenCode, temporary credentials or access keys) as literal parameter values in the JSON command, forcing the LLM to include secrets verbatim in its output.

Issues (1)

W007
HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata
Risk Level
HIGH
Analyzed
Apr 13, 2026, 08:11 PM
Issues
1