stash-encryption
Enables secure field-level encryption in TypeScript/Node.js projects using CipherStash, ensuring data privacy and compliance.
Install this skill
or
78/100
Security score
The stash-encryption skill was audited on May 26, 2026 and we found 6 security issues across 4 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 295
Template literal with variable interpolation in command context
SourceSKILL.md
| 295 | console.log(`${item.id}: ${item.data}`) |
medium line 297
Template literal with variable interpolation in command context
SourceSKILL.md
| 297 | console.error(`${item.id} failed: ${item.error}`) |
medium line 621
Webhook reference - potential data exfiltration
SourceSKILL.md
| 621 | **The dual-write definition matters.** "Writes both columns" is not enough. The rule is: every persistence path that mutates this row writes both columns, in the same transaction, on every code branch |
medium line 67
Access to .env file
SourceSKILL.md
| 67 | Set these in `.env` or your hosting platform: |
low line 76
External URL reference
SourceSKILL.md
| 76 | Sign up at [cipherstash.com/signup](https://cipherstash.com/signup) to generate credentials. |
low line 453
External URL reference
SourceSKILL.md
| 453 | CS_CTS_ENDPOINT=https://ap-southeast-2.aws.auth.viturhosted.net |
Scanned on May 26, 2026
View Security Dashboard