File appears to expose a hardcoded API secret or token.
Critical
- Code
- suspicious.exposed_secret_literal
- Location
- SKILL.md:48
Security audit
SEO Analyzer Pro
Security checks across malware telemetry and agentic risk
Overview
The SEO functionality is straightforward, but the skill documentation exposes a hardcoded API key that is not declared or justified by the code.
Do not install this version until the hardcoded API key is removed and rotated. If you do use the SEO analyzer, provide only public webpage URLs and avoid internal or private addresses.
VirusTotal
66/66 vendors flagged this skill as clean.
Static analysis
Detected: suspicious.exposed_secret_literal