twinmind-prod-checklist

Provides a comprehensive checklist for deploying TwinMind integrations, ensuring production readiness and best practices are followed.

Install this skill

or

59/100

Security score

The twinmind-prod-checklist skill was audited on May 12, 2026 and we found 21 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 211

Template literal with variable interpolation in command context

SourceSKILL.md

211

```bash

medium line 299

Template literal with variable interpolation in command context

SourceSKILL.md

299	console.log(`[PASS] ${check.name}`);

medium line 301

Template literal with variable interpolation in command context

SourceSKILL.md

301	console.log(`[FAIL] ${check.name}: ${error.message}`);

medium line 308

Template literal with variable interpolation in command context

SourceSKILL.md

308	headers: { 'Authorization': `Bearer ${process.env.TWINMIND_API_KEY}` },

medium line 310

Template literal with variable interpolation in command context

SourceSKILL.md

310	if (!response.ok) throw new Error(`HTTP ${response.status}`);

low line 307

Fetch to external URL

SourceSKILL.md

307	const response = await fetch('https://api.twinmind.com/v1/health', {

low line 45

Webhook reference - potential data exfiltration

SourceSKILL.md

45	- [ ] Webhook secrets configured

low line 50

Webhook reference - potential data exfiltration

SourceSKILL.md

50	- [ ] Webhook signature verification enabled

low line 147

Webhook reference - potential data exfiltration

SourceSKILL.md

147	- [ ] Dead letter queue for failed webhooks

low line 247

Webhook reference - potential data exfiltration

SourceSKILL.md

247	# Check webhook secret

low line 248

Webhook reference - potential data exfiltration

SourceSKILL.md

248	echo -n "Checking webhook secret... "

low line 249

Webhook reference - potential data exfiltration

SourceSKILL.md

249	if [ -n "$TWINMIND_WEBHOOK_SECRET" ]; then

low line 252

Webhook reference - potential data exfiltration

SourceSKILL.md

252	echo "WARNING: TWINMIND_WEBHOOK_SECRET not set"

low line 289

Webhook reference - potential data exfiltration

SourceSKILL.md

289	{ name: 'Webhook', fn: testWebhook },

low line 308

Access to .env file

SourceSKILL.md

308	headers: { 'Authorization': `Bearer ${process.env.TWINMIND_API_KEY}` },

low line 240

External URL reference

SourceSKILL.md

240	https://api.twinmind.com/v1/health)

low line 307

External URL reference

SourceSKILL.md

307	const response = await fetch('https://api.twinmind.com/v1/health', {

low line 316

External URL reference

SourceSKILL.md

316	const result = await client.transcribe('https://example.com/test-audio.mp3');

low line 368

External URL reference

SourceSKILL.md

368	- [TwinMind Enterprise SLA](https://twinmind.com/enterprise)

low line 369

External URL reference

SourceSKILL.md

369	- [Production Best Practices](https://twinmind.com/docs/production)

low line 370

External URL reference

SourceSKILL.md

370	- [Status Page](https://status.twinmind.com)

Scanned on May 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2.2K

Rate this skill

Categorydevelopment

UpdatedMay 20, 2026

claude claude-code codex frontend design docx api database testing devops devops-sre backend-developer product-manager datadog development product

jeremylongshore/claude-code-plugins-plus-skills