File appears to expose a hardcoded API secret or token.
Critical
- Code
- suspicious.exposed_secret_literal
- Location
- scripts/guardrail.py:81
Security audit
Security checks across malware telemetry and agentic risk
This skill is a small guardrail library whose sensitive-looking text is used as test and detection examples, not as hidden behavior.
This skill is reasonable to install if you want a simple local guardrail helper, but treat it as a lightweight example library: review and tune the regex patterns before relying on it for production security decisions.
65/65 vendors flagged this skill as clean.
Detected: suspicious.exposed_secret_literal, suspicious.prompt_injection_instructions