suspicious.exposed_secret_literal
Location: tests/evals.json:6
Finding: File appears to expose a hardcoded API secret or token.
Advisory
Audited by Static analysis on May 10, 2026.
Detected: suspicious.exposed_secret_literal
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the setup can modify your Auth0 tenant and create or update local credential files.
The automated setup uses the user's Auth0 account to select or create an application and appends Auth0 configuration to an environment file.
auth0 login ... auth0 apps create --name "${PWD##*/}-flask" --type regular ... AUTH0_CLIENT_SECRET='YOUR_CLIENT_SECRET'
Use a test tenant or application when possible, confirm which env file the setup will write to before running it, fill in the client secret yourself (the setup writes the placeholder YOUR_CLIENT_SECRET), and keep env files out of source control.
If such a value were real, it would expose an Auth0 application secret.
An Auth0 client secret look-alike is packaged in an eval fixture. It appears synthetic, but it is still a credential-shaped value in the shipped artifact, and secret scanners will flag it as such.
"Client Secret: `secret_xyz789abc123def456ghi789jkl012mno345pqr678stu901vwx234yz`"
Use obviously synthetic placeholders for test credentials, and if this value corresponds to a real Auth0 application, rotate that client secret immediately.
If you run that setup path, you execute a remote installer on your machine.
The optional setup can download and execute the latest Auth0 CLI installer from GitHub rather than a pinned local dependency.
curl -sSfL https://raw.githubusercontent.com/auth0/auth0-cli/main/install.sh | sh -s -- -b /usr/local/bin
Prefer a trusted package manager such as Homebrew where available, or download the installer to a file, read it, and verify it before running it.
If someone runs the eval harness in a workspace containing real secrets, those secrets could be included in an LLM grading prompt.
The eval runner treats .env files as source files and includes collected source excerpts in prompts sent to a Claude CLI judge when the tests are run.
".env", ... const judgePrompt = `You are evaluating code quality...${fileSummary}` ... $`claude ${judgeArgs}`
Run evals only in disposable workspaces with dummy credentials, and exclude env files before sending code to external judging tools.
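As an added example that is not the skill's or ClawScan's own code, the following guard covers both the fixture-secret finding above and this eval-runner finding: it drops env files from the collected sources and redacts credential-shaped literals before file excerpts go into a judge prompt. The in-memory workspace, the label list, the env-file naming rule and the 16-character minimum are constructed assumptions; the only value taken from the page is the fixture string quoted in the finding.

```javascript
// Added example, not the skill's or ClawScan's own code: guard an LLM eval
// runner against leaking credentials. It (1) keeps env files out of the
// collected sources and (2) flags or redacts credential-shaped literals, so a
// value like the one in tests/evals.json never reaches the judge prompt.

// Constructed in-memory workspace standing in for files the runner would read.
// The evals.json line is the value quoted in the finding; the rest is made up.
const WORKSPACE = {
  "app.py": "from flask import Flask\napp = Flask(__name__)\n",
  ".env":
    "AUTH0_DOMAIN='dev-example.us.auth0.com'\n" +
    "AUTH0_CLIENT_SECRET='s3cr3t-like-value-0123456789abcdefghij'\n",
  "tests/evals.json":
    '{"note":"Client Secret: `secret_xyz789abc123def456ghi789jkl012mno345pqr678stu901vwx234yz`"}',
  "config.example.env": "AUTH0_CLIENT_SECRET='YOUR_CLIENT_SECRET'\n",
};

// Env files: ".env", ".env.local", "prod.env", ... (assumed naming convention).
function isEnvFile(path) {
  const base = path.split("/").pop();
  return base === ".env" || base.startsWith(".env.") || base.endsWith(".env");
}

// A credential-shaped literal: a label that usually names a secret, a ":" or
// "=" separator, then a token-like value of 16+ characters (optionally quoted).
// 16 is an assumed threshold, low enough to also see placeholders like
// YOUR_CLIENT_SECRET so they can be classified rather than silently skipped.
const CREDENTIAL_RE =
  /(client[_ -]?secret|api[_ -]?key|secret|token|password)\b\s*[:=]\s*[`'"]?([A-Za-z0-9_\-.]{16,})[`'"]?/gi;

// Obvious templates are fine to ship; anything else is treated as a
// real-looking secret. The all-caps check covers placeholders such as
// YOUR_CLIENT_SECRET.
const PLACEHOLDER_RE = /^(?:YOUR_|<|\$\{|xxx|replace[_-]?me|change[_-]?me|placeholder|example)/i;
function isPlaceholder(value) {
  return PLACEHOLDER_RE.test(value) || /^[A-Z_]+$/.test(value);
}

// Returns every credential-shaped literal in text with a placeholder verdict.
function findCredentialLiterals(text) {
  return Array.from(text.matchAll(CREDENTIAL_RE), (m) => ({
    label: m[1],
    value: m[2],
    placeholder: isPlaceholder(m[2]),
    index: m.index,
  }));
}

// Replaces non-placeholder values in place, keeping the label so the judge
// still sees the shape of the config without the secret itself.
function redactCredentials(text) {
  return text.replace(CREDENTIAL_RE, (whole, label, value) =>
    isPlaceholder(value)
      ? whole
      : whole.replace(value, `[REDACTED ${label.toLowerCase()} ${value.length} chars]`),
  );
}

// Builds the judge prompt from a {path: content} map: env files are dropped
// entirely, everything else is redacted and truncated before inclusion.
function buildJudgePrompt(files, { maxCharsPerFile = 2000 } = {}) {
  const excluded = [];
  const summaries = [];
  let redactions = 0;
  for (const [path, content] of Object.entries(files)) {
    if (isEnvFile(path)) {
      excluded.push(path);
      continue;
    }
    redactions += findCredentialLiterals(content).filter((h) => !h.placeholder).length;
    summaries.push(`--- ${path} ---\n${redactCredentials(content).slice(0, maxCharsPerFile)}`);
  }
  const prompt = `You are evaluating code quality...\n\n${summaries.join("\n\n")}`;
  return { prompt, excluded, redactions };
}

// Demo: the .env and example env file never reach the prompt, and the fixture
// secret is redacted. A real runner would hand `prompt` to the judge CLI here.
const result = buildJudgePrompt(WORKSPACE);
console.log(`excluded: ${result.excluded.join(", ")}; redacted literals: ${result.redactions}`);
console.log(result.prompt);
```

The `redactions` count doubles as a pre-flight check: a runner can refuse to call the judge at all when it is non-zero in a workspace that is supposed to contain only placeholders, which is the cheaper fix than trusting the redaction to be complete.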