skills/nguyenthienthanh/aura-frog/git-workflow/Snyk

git-workflow

Fail

Audited by Snyk on Mar 29, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to "STOP. Show matches." when secrets are detected, which requires outputting matched lines (potentially containing API keys/passwords) verbatim, enabling secret exfiltration.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Mar 29, 2026, 05:11 PM

Issues

1