skills/shuliuzhenhua-sys/shuliu-skills/feishu-card/Snyk

feishu-card

Fail

Audited by Snyk on Mar 27, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The skill tells the agent to extract the accessToken from feishu-auth output and place it as "Authorization: Bearer " in requests, which requires emitting the secret token verbatim in headers/commands.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Mar 27, 2026, 07:41 PM

Issues

1