PortOpt — Best Practices Reference

Provides a comprehensive guide on best practices for Git, dependency management, Flask structure, input validation, and database handling.

Install this skill

84/100

Security score

The PortOpt — Best Practices Reference skill was audited on May 25, 2026 and we found 4 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 16

Webhook reference - potential data exfiltration

SourceSKILL.md

16	\| 5 \| Prefer a new commit over force-push to trigger Vercel builds \| Vercel's webhook may ignore a force-push even if history changed \|

medium line 12

Access to .env file

SourceSKILL.md

12	\| 1 \| Add `.gitignore` before the first commit \| Binary/generated files (`.db`, `__pycache__`, `.env`) are hard to purge from history once committed \|

medium line 13

Access to .env file

SourceSKILL.md

13	\| 2 \| Never commit secrets or local config (`.env`, credentials) \| Leaked keys cannot be un-leaked \|

low line 107

Access to .env file

SourceSKILL.md

107	[ ] .gitignore updated (no .db, .env, __pycache__)

Scanned on May 25, 2026

View Security Dashboard

Installation guide →

Rate this skill

Categorydevelopment

UpdatedMay 31, 2026

openclaw backend devops backend-developer devops-sre product-manager vercel docker development product

radrhm/portopt