skills/shigzz/aliyun-skills/aliyun-domain-skill/Snyk

aliyun-domain-skill

Fail

Audited by Snyk on Mar 25, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). Insecure: the prompt explicitly instructs checking the .env by running "find ... -exec cat {} ;" which would print ALIBABA_CLOUD_ACCESS_KEY_ID/SECRET verbatim and thus requires the agent to read/output secret values.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Mar 25, 2026, 08:22 AM

Issues

1