ideogram-security-basics
Implements security best practices for Ideogram API keys and access control, ensuring secure storage and minimal permissions.
Install this skill
or
72/100
Security score
The ideogram-security-basics skill was audited on Feb 28, 2026 and we found 12 security issues across 4 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 40
Template literal with variable interpolation in command context
SourceSKILL.md
| 40 | ```bash |
medium line 85
Webhook reference - potential data exfiltration
SourceSKILL.md
| 85 | ### Webhook Signature Verification |
low line 89
Webhook reference - potential data exfiltration
SourceSKILL.md
| 89 | function verifyWebhookSignature( |
medium line 102
Webhook reference - potential data exfiltration
SourceSKILL.md
| 102 | - [ ] Webhook signatures validated |
low line 29
Access to .env file
SourceSKILL.md
| 29 | # .env (NEVER commit to git) |
low line 34
Access to .env file
SourceSKILL.md
| 34 | .env |
low line 35
Access to .env file
SourceSKILL.md
| 35 | .env.local |
low line 36
Access to .env file
SourceSKILL.md
| 36 | .env.*.local |
low line 77
Access to .env file
SourceSKILL.md
| 77 | apiKey: process.env.IDEOGRAM_READ_KEY, |
low line 80
Access to .env file
SourceSKILL.md
| 80 | apiKey: process.env.IDEOGRAM_WRITE_KEY, |
medium line 99
Access to .env file
SourceSKILL.md
| 99 | - [ ] `.env` files in `.gitignore` |
low line 47
External URL reference
SourceSKILL.md
| 47 | https://api.ideogram.com/health |
Scanned on Feb 28, 2026
View Security Dashboard