File appears to expose a hardcoded API secret or token.
Critical
- Code
- suspicious.exposed_secret_literal
- Location
- references/cli-reference.md:212
Security audit
Security checks across malware telemetry and agentic risk
No supplied scanner or telemetry evidence shows unsafe behavior, but the skill artifacts could not be independently inspected in this run.
Proceed only if the visible skill files match the advertised purpose and do not request unexpected access. Based on the supplied evidence alone, there is no artifact-backed reason to hold it for Review.
57/57 vendors flagged this skill as clean.
Detected: suspicious.exposed_secret_literal