Skip to main content

insecure-defaults

Identifies insecure defaults in applications, enhancing security audits and configuration reviews to prevent vulnerabilities in production.

Install this skill

or
94/100

Security score

The insecure-defaults skill was audited on May 26, 2026 and we found 2 security issues across 1 threat category. Review the findings below before installing.

Categories Tested

Security Issues

medium line 51

Access to .env file

SourceSKILL.md
51- **Fallback secrets:** `getenv.*\) or ['"]`, `process\.env\.[A-Z_]+ \|\| ['"]`, `ENV\.fetch.*default:`
low line 80

Access to .env file

SourceSKILL.md
80Pattern: const secret = process.env.JWT_SECRET || 'default';
Scanned on May 26, 2026
View Security Dashboard
Installation guide →
GitHub Stars 5.6K
Rate this skill
Categorydevelopment
UpdatedJune 10, 2026
frontenddocxapidatabasetestingdevopssecurity-engineerdevops-srebackend-developerdevelopment
trailofbits/skills