valuescan-skill-beta

AdvisoryAudited by Static analysis on May 10, 2026.

Overview

Detected: suspicious.exposed_secret_literal

Findings (1)

critical

suspicious.exposed_secret_literal

Location: script/sdk/vs_api_sign.js:48
Finding: File appears to expose a hardcoded API secret or token.