replit-data-handling
Ensures compliance with GDPR/CCPA for Replit integrations by implementing data handling, retention, and redaction strategies.
Install this skill
Security score
The replit-data-handling skill was audited on May 12, 2026 and we found 10 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 88 | // pool.query(`SELECT * FROM users WHERE id = '${userId}'`) |
Template literal with variable interpolation in command context
| 131 | await db.set(`session:${sessionId}`, { |
Template literal with variable interpolation in command context
| 138 | return db.get(`session:${sessionId}`); |
Template literal with variable interpolation in command context
| 205 | const filename = req.headers['x-filename'] as string || `file-${Date.now()}`; |
Template literal with variable interpolation in command context
| 206 | const path = `uploads/${userId}/${filename}`; |
Template literal with variable interpolation in command context
| 215 | const path = `uploads/${req.params.userId}/${req.params.filename}`; |
Template literal with variable interpolation in command context
| 227 | const objects = await storage.list({ prefix: `uploads/${req.params.userId}/` }); |
Access to .env file
| 53 | if (!process.env.DATABASE_URL) { |
Access to .env file
| 58 | connectionString: process.env.DATABASE_URL, |
Access to .env file
| 300 | const isProduction = process.env.NODE_ENV === 'production'; |