Skip to main content

segment-cdp

Provides expert patterns for Segment Customer Data Platform, enhancing analytics and tracking capabilities for businesses.

Install this skill

or
24/100

Security score

The segment-cdp skill was audited on May 19, 2026 and we found 12 security issues across 4 threat categories, including 2 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 608

Template literal with variable interpolation in command context

SourceSKILL.md
608const authHeader = `Basic ${btoa(SEGMENT_WRITE_KEY + ':')}`;
high line 625

Template literal with variable interpolation in command context

SourceSKILL.md
625const response = await fetch(`${SEGMENT_API}${endpoint}`, {
medium line 128

Webhook reference - potential data exfiltration

SourceSKILL.md
128webhooks, and sensitive data.
medium line 187

Webhook reference - potential data exfiltration

SourceSKILL.md
187// app/api/webhooks/stripe/route.ts
medium line 240

Webhook reference - potential data exfiltration

SourceSKILL.md
240- webhook processing
medium line 29

Access to .env file

SourceSKILL.md
29writeKey: process.env.NEXT_PUBLIC_SEGMENT_WRITE_KEY!,
medium line 135

Access to .env file

SourceSKILL.md
135writeKey: process.env.SEGMENT_WRITE_KEY!,
medium line 577

Access to .env file

SourceSKILL.md
577app_version: process.env.NEXT_PUBLIC_APP_VERSION,
medium line 578

Access to .env file

SourceSKILL.md
578environment: process.env.NODE_ENV,
medium line 584

Access to .env file

SourceSKILL.md
584version: process.env.NEXT_PUBLIC_APP_VERSION,
medium line 604

Access to .env file

SourceSKILL.md
604const SEGMENT_WRITE_KEY = process.env.SEGMENT_WRITE_KEY!;
low line 605

External URL reference

SourceSKILL.md
605const SEGMENT_API = 'https://api.segment.io/v1';
Scanned on May 19, 2026
View Security Dashboard
Installation guide →