skills/salvo-rs/salvo-skills/salvo-session/Snyk

salvo-session

Fail

Audited by Snyk on Apr 13, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The prompt shows a hard-coded 64-byte secret literal (b"secretab...") passed into SessionHandler::builder and gives no guidance to avoid embedding real secrets (e.g., env vars), so an agent generating or copying this code would output secret values verbatim.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Apr 13, 2026, 06:49 AM

Issues

1