Security Scanning
Facilitates API security assessments and automated vulnerability scanning to enhance application security and compliance.
Security score: 53/100
The Security Scanning skill was audited on Mar 1, 2026 and we found 11 security issues across 3 threat categories, including 2 high-severity. Review the findings below before installing.
Security Issues
high line 397
Direct command execution function call
Source: SKILL.md
| 397 | const auditResult = execSync('npm audit --json', { encoding: 'utf8' }); |
high line 421
Direct command execution function call
Source: SKILL.md
| 421 | const snykResult = execSync('snyk test --json', { encoding: 'utf8' }); |
medium line 519
Template literal with variable interpolation in command context
Source: SKILL.md
| 519 | console.log(`Security report generated: ${reportPath}`); |
medium line 540
Template literal with variable interpolation in command context
Source: SKILL.md
| 540 | console.error(` - ${test.testName}: ${test.issues.join(', ')}`); |
low line 348
Node child_process module reference
Source: SKILL.md
| 348 | import { execSync } from 'child_process'; |
low line 84
Access to .env file
Source: SKILL.md
| 84 | jwtSecret: process.env.JWT_SECRET || 'fallback-secret', |
low line 95
Access to .env file
Source: SKILL.md
| 95 | enabled: process.env.NODE_ENV === 'production', |
low line 458
Access to .env file
Source: SKILL.md
| 458 | if (process.env.JWT_SECRET === 'fallback-secret') { |
low line 505
Access to .env file
Source: SKILL.md
| 505 | if (process.env.NODE_ENV === 'production' && !process.env.FORCE_HTTPS) { |
low line 90
External URL reference
Source: SKILL.md
| 90 | 'http://localhost:3000', |
low line 91
External URL reference
Source: SKILL.md
| 91 | 'https://yourdomain.com', |
Scanned on Mar 1, 2026