Exposed secret literal
Critical
- Finding
- File appears to expose a hardcoded API secret or token.
Maverick gog
Security checks across static analysis, malware telemetry, and agentic risk
Overview
No artifact-backed suspicious behavior could be identified, but the workspace files could not be inspected because every shell read failed before execution.
Do not treat this low-confidence result as a complete approval; rerun the review when metadata.json and artifact/ can be read successfully.
Static analysis
VirusTotal
52/52 vendors flagged this skill as clean.
Risk analysis
No visible risk-analysis findings were reported for this release.