SecurityVérifié

Risque eleve

cc-skill-security-review

Des signaux critiques ont ete detectes et l'installation doit etre encadree.

40/100

1high2medium

Recommandations

⛔ Score 40/100 — Ce skill présente des risques sérieux. Audit manuel requis.

Risques Détectés3

Hardcoded Secrethigh

hardcoded_secret

Potentially hardcoded secret

Line 29

Snippets

L29const apiKey = "sk-proj-xxxxx" // Hardcoded secret

L30const dbPassword = "password123" // In source code

L29const apiKey = "sk-proj-xxxxx" // Hardcoded secret

L30const dbPassword = "password123" // In source code

Network Callmedium

network_call

Outbound network call

Line 432

Snippets

L432 const response = await fetch('/api/protected')

L438 const response = await fetch('/api/admin', {

L446 const response = await fetch('/api/users', {

L456 fetch('/api/endpoint')

L432 const response = await fetch('/api/protected')

Env Accessmedium

env_access

Environment variable access

Line 35

Snippets

L35const apiKey = process.env.OPENAI_API_KEY

L36const dbUrl = process.env.DATABASE_URL

L35const apiKey = process.env.OPENAI_API_KEY

L36const dbUrl = process.env.DATABASE_URL

Voir les risques detectes

Connectez-vous pour consulter l'analyse detaillee des risques.

$npx agentfend install cmn92q2xj00s7u1ip7u68n9g5

Trust Score

52trust

⭐ 27,8 k🍴 4,7 k

Mis a jour il y a 2 semaines

Analyse le

31 mars 2026, 15:58

+ 2 previous scans

Compatible avec

AGAntigravity

Skill details

Trust score

52/100

GitHub

Connected

Stars

27,8 k

Forks

4,7 k

Mis a jour il y a 2 semaines

Analyse le 31 mars 2026, 15:58

Description

"This skill ensures all code follows security best practices and identifies potential vulnerabilities. Use when implementing authentication or authorization, handling user input or file uploads, or creating new API endpoints."

Voir la source

Scans recents

31 mars 2026, 15:58

Latest analysis

31 mars 2026, 15:11

Run 2

27 mars 2026, 15:46

Run 1