Twenty CRM OAuth Mastery

Advisory. Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.exposed_secret_literal

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user following this guidance could make account tokens easier to steal, potentially allowing unauthorized access to the CRM or connected Google/Microsoft data.

Why it was flagged

The skill recommends setting an authentication token cookie so that it is readable by browser JavaScript. Any XSS or malicious third-party script running on the origin can then read and exfiltrate the session or OAuth token the cookie carries.

Skill content
httpOnly: false, // 🔴 Must be false for JavaScript access
Recommendation

Do not adopt `httpOnly: false` for token-bearing cookies without a security review. Prefer HttpOnly cookies, short-lived one-time exchange codes, backend-mediated token exchange, or another design that does not expose tokens to JavaScript.

What this means

OAuth tokens could allow access to user email, calendar, or CRM-connected services if logged, copied into prompts, or stored insecurely.

Why it was flagged

The skill intentionally teaches preserving OAuth access and refresh tokens and passing them on through the profile object. That matches how email/calendar sync is set up, but these tokens grant account access and need careful handling.

Skill content
return { ...profile, accessToken: _accessToken, refreshToken: _refreshToken,
Recommendation

Ensure token values are never pasted into chats, logs, tickets, or screenshots; store them only in approved secret storage and limit scopes to what the sync feature needs.

What this means

Running these commands on the wrong system could cause downtime or expose sensitive OAuth configuration in the agent context or logs.

Why it was flagged

The skill documents operational commands that can restart a running service and print OAuth-related environment variables, which may include client secrets.

Skill content
docker restart fratres-twenty   # Restart container

docker exec fratres-twenty env | grep AUTH_GOOGLE # Check env vars
Recommendation

Run operational commands only after explicit approval, preferably in staging first, and redact secret values before sharing command output.

Findings (1)

critical

suspicious.exposed_secret_literal

Location
SKILL.md:92
Finding
File appears to expose a hardcoded API secret or token.