File appears to expose a hardcoded API secret or token.
Critical
- Code
- suspicious.exposed_secret_literal
- Location
- references/AMAZON_API.md:38
Security audit
Security checks across malware telemetry and agentic risk
This skill is a coherent generator for an Amazon affiliate WordPress plugin, with its content changes, optional Amazon API credentials, and caching behavior disclosed.
Install only if you intend to generate an Amazon affiliate WordPress plugin. Review the generated PHP before production use, confirm the output path is appropriate, protect any PA-API secret key stored in WordPress, and test replace/append behavior plus affiliate disclosures on a staging site before enabling it broadly.
64/64 vendors flagged this skill as clean.
Detected: suspicious.exposed_secret_literal