File appears to expose a hardcoded API secret or token.
Critical
- Code
- suspicious.exposed_secret_literal
- Location
- skills/abel-common/python/abel_common/cap/auth.py:90
- Evidence
api_key = [REDACTED]("apiKey")
Security audit
Security checks across malware telemetry and agentic risk
Abel appears to be a legitimate Abel API and strategy-research bundle, but it expects local Python workflows, Abel credentials, cloud API calls, and persistent research files.
Install only if you are comfortable letting the agent run Abel research commands, use an Abel API token, send graph/research queries to Abel services, and store persistent research files in the workspace. Review generated strategy code and session evidence before running or visualizing it online.
VirusTotal engine telemetry is currently stale for this artifact.
Detected: suspicious.exposed_secret_literal
api_key = [REDACTED]("apiKey")api_key = [REDACTED](args.api_key, workspace_root=workspace_root)