critical
suspicious.exposed_secret_literal
- Location
- docs/extensions/dblink.md:45
- Finding
- File appears to expose a hardcoded API secret or token.
Neon Database Complete Documentation
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.exposed_secret_literal, suspicious.generated_source_template_injection
Findings (7)
critical
suspicious.exposed_secret_literal
- Location
- docs/guides/logical-replication-alloydb.md:212
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- docs/guides/logical-replication-cloud-sql.md:158
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- docs/guides/logical-replication-postgres-to-neon.md:130
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- docs/guides/postgrest.md:212
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.generated_source_template_injection
- Location
- docs/guides/knex.md:74
- Finding
- User-controlled placeholder is embedded directly into generated source code.
critical
suspicious.generated_source_template_injection
- Location
- docs/reference/cli-completion.md:50
- Finding
- User-controlled placeholder is embedded directly into generated source code.