Environment variable access combined with network send.
Critical
- Code
- suspicious.env_credential_access
- Location
- scripts/patterns.sh:241
Security audit
Security checks across malware telemetry and agentic risk
AuthAudit mostly behaves like a local auth-security scanner, but its license-token parsing can run attacker-controlled code from a crafted license key.
Review this skill before installing in a sensitive environment. The scanner itself appears local and purpose-aligned, but only use license keys from a trusted source and avoid storing or testing untrusted JWT/license strings because the current license parser can execute crafted payloads locally. Install git hooks only in repositories where you want AuthAudit to run automatically on future commits or pushes.
67/67 vendors flagged this skill as clean.
Detected: suspicious.env_credential_access