my_acceptance_rate_analysis_new

Advisory

Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.exposed_secret_literal

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone with the skill package may obtain or use the embedded token to query the DataWorks metric service, potentially under an account or permission boundary the user did not approve.

Why it was flagged

The client falls back to an embedded DataWorks access token and sends it as an authentication cookie. This grants account-backed API access without requiring the user to provide or scope their own credential.

Skill content

DEFAULT_ACCESS_TOKEN = os.getenv("BIGDATA_ACCESS_TOKEN", "manage-3f0c66fa-...") ... headers={"Cookie": f"bigdata_access_token={access_token or DEFAULT_ACCESS_TOKEN}"}

Recommendation

Remove and rotate the embedded token, require a user-provided secret such as BIGDATA_ACCESS_TOKEN, declare the credential requirement in metadata, and validate that requests only go to trusted endpoints.

What this means

Private analysis results may remain in local or agent logs after the task, increasing the chance of accidental disclosure or reuse outside the intended analysis.

Why it was flagged

Raw SQL metadata, response rows, and data lists are logged by default unless DATAWORKS_QUERY_LOG is disabled. These query results can contain sensitive business, funding, or asset-segmentation data.

Skill content

if os.getenv("DATAWORKS_QUERY_LOG", "1") ... logger.info("[query_metric_data] 响应原始数据 {}", json.dumps({"sql": data.get("sql"), "data_list": data_list, "rows": _map_response_rows(column_head_list, data_list)}))

Recommendation

Disable raw response logging by default, redact sensitive fields, document any retained logs, and provide a clear retention and cleanup mechanism.

Findings (1)

critical

suspicious.exposed_secret_literal

Location

scripts/acceptance_rate_analysis.py:47

Finding

File appears to expose a hardcoded API secret or token.