SecurityVerifiziert

High risk

cc-skill-security-review

Critical signals were detected and installation should be handled carefully.

40/100

1high2medium

Empfehlungen

⛔ Score 40/100 — Dieser Skill weist schwerwiegende Risiken auf. Manuelles Audit erforderlich.

Erkannte Risiken3

Hardcoded Secrethigh

hardcoded_secret

Potentially hardcoded secret

Line 29

Snippets

L29const apiKey = "sk-proj-xxxxx" // Hardcoded secret

L30const dbPassword = "password123" // In source code

L29const apiKey = "sk-proj-xxxxx" // Hardcoded secret

L30const dbPassword = "password123" // In source code

Network Callmedium

network_call

Outbound network call

Line 432

Snippets

L432 const response = await fetch('/api/protected')

L438 const response = await fetch('/api/admin', {

L446 const response = await fetch('/api/users', {

L456 fetch('/api/endpoint')

L432 const response = await fetch('/api/protected')

Env Accessmedium

env_access

Environment variable access

Line 35

Snippets

L35const apiKey = process.env.OPENAI_API_KEY

L36const dbUrl = process.env.DATABASE_URL

L35const apiKey = process.env.OPENAI_API_KEY

L36const dbUrl = process.env.DATABASE_URL

Voir les risques detectes

Connectez-vous pour consulter l'analyse detaillee des risques.

$npx agentfend install cmn92q2xj00s7u1ip7u68n9g5

Trust Score

52trust

⭐ 27.821🍴 4667

Updated vor 2 Wochen

Analysiert

31.03.2026, 15:58

+ 2 previous scans

Kompatibel mit

AGAntigravity

Skill details

Trust score

52/100

GitHub

Connected

Stars

27.821

Forks

4667

Updated vor 2 Wochen

Analysiert 31.03.2026, 15:58

Beschreibung

"This skill ensures all code follows security best practices and identifies potential vulnerabilities. Use when implementing authentication or authorization, handling user input or file uploads, or creating new API endpoints."

Quelle ansehen

Letzte Scans

31.03.2026, 15:58

Latest analysis

31.03.2026, 15:11

Run 2

27.03.2026, 15:46

Run 1