File appears to expose a hardcoded API secret or token.
Critical
- Code
- suspicious.exposed_secret_literal
- Location
- SKILL.md:116
Security audit
Security checks across malware telemetry and agentic risk
This is a local Python static scanner whose behavior matches its stated purpose and shows no hidden persistence, network sharing, or file modification.
Install only if you want a basic local static checker for Python skill files. Point it at the specific file or skill directory you intend to review, manually read any warnings, and do not rely on it as a complete security audit or automated publish gate without confirming its exit-code behavior.
66/66 vendors flagged this skill as clean.
Detected: suspicious.exposed_secret_literal