{"skill":{"slug":"fang","displayName":"Fang: protect your env variables from being stealed.","summary":"Protect environment variables from being stolen by malicious skill scripts. Runs a two-phase security audit: (1) static pattern scan via scan_env.py to detec...","tags":{"latest":"1.0.0"},"stats":{"comments":0,"downloads":117,"installsAllTime":0,"installsCurrent":0,"stars":0,"versions":1},"createdAt":1774445968634,"updatedAt":1774447615682},"latestVersion":{"version":"1.0.0","createdAt":1774445968634,"changelog":"Initial release: two-phase security audit tool for detecting environment variable theft in skill scripts.\n\n- Static pattern scan across Python and shell files to flag env access, network calls, encoding, and exec usage with automatic risk scoring.\n- (Optional) LLM-powered deep analysis covering multiple script types (.py, .sh, .js, .ts, .ps1, .bash) for sophisticated exfiltration patterns and obfuscation.\n- Produces a structured report rating each file's risk (HIGH/MEDIUM/LOW/CLEAN) and recommends actions.\n- Command-line interface with options for API key/model selection and report export.\n- Designed for auditing, investigation, and periodic security sweeps of skill directories.","license":"MIT-0"},"metadata":null,"owner":{"handle":"goog","userId":"s17em2bafnnpytnkgk2apn7p6h83fqsf","displayName":"Jay","image":"https://avatars.githubusercontent.com/u/1488374?v=4"},"moderation":null}