imis-api
Facilitates iMIS API integration with workflows for implementing features, adding endpoints, and debugging issues.
Install this skill
Security score
The imis-api skill was audited on Feb 12, 2026 and we found 13 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 53 | const tokenResponse = await fetch(`${baseUrl}/token`, { |
Template literal with variable interpolation in command context
| 56 | body: `grant_type=password&username=${encodeURIComponent(username)}&password=${encodeURIComponent(password)}`, |
Template literal with variable interpolation in command context
| 61 | const response = await fetch(`${baseUrl}/api/{endpoint}`, { |
Template literal with variable interpolation in command context
| 63 | Authorization: `Bearer ${access_token}`, |
Template literal with variable interpolation in command context
| 123 | HttpClientRequest.get(`${env.baseUrl}/api/MyEndpoint`) |
Template literal with variable interpolation in command context
| 143 | HttpClientRequest.post(`${env.baseUrl}/api/MyEndpoint/_execute`) |
Access to hidden dotfiles in home directory
| 15 | ~/.local/share/imis/index.ts |
Access to hidden dotfiles in home directory
| 21 | grep -n "api.party\|api.query\|api.document" ~/.local/share/imis/index.ts |
Access to hidden dotfiles in home directory
| 35 | grep -A 20 "relevant-endpoint-name" ~/.local/share/imis/index.ts |
Access to hidden dotfiles in home directory
| 173 | | `~/.local/share/imis/index.ts` | Reference API patterns | |
Access to .env file
| 48 | const baseUrl = process.env.IMIS_BASE_URL! |
Access to .env file
| 49 | const username = process.env.IMIS_USERNAME! |
Access to .env file
| 50 | const password = process.env.IMIS_PASSWORD! |