skills/wanshuiyin/auto-claude-code-research-in-sleep/qzcli/Snyk

qzcli

Fail

Audited by Snyk on Apr 14, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples of embedding plaintext credentials in commands (e.g., qzcli login -u ... -p 'YOUR_PASSWORD' and echo 'YOUR_PASSWORD' | qzcli ...), which requires the agent to handle/output secret values verbatim.

Issues (1)

W007

HIGH

Insecure credential handling detected in skill instructions.

Audit Metadata

Risk Level

HIGH

Analyzed

Apr 14, 2026, 06:39 AM

Issues

1