skills/revenuecat/rc-claude-code-plugin/create-app/Snyk

create-app

Fail

Audited by Snyk on Mar 13, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to retrieve API keys via mcp_RC_list_public_api_keys and then embed those keys verbatim in generated code snippets/outputs (and includes example key-like strings), creating an exfiltration risk.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Mar 13, 2026, 08:58 AM

Issues

1