sgnk-snapshot
Captures schema-versioned JSON snapshots of production codebases, facilitating seamless handoffs and documentation.
Install this skill
or
50/100
Security score
The sgnk-snapshot skill was audited on Jun 11, 2026 and we found 8 security issues across 2 threat categories, including 1 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
high line 34
Template literal with variable interpolation in command context
SourceSKILL.md
| 34 | `"${GVC_BASE_DIR:-$HOME/Desktop/GitHub}/<name>"`. If that's not a git repo, fall |
medium line 58
Template literal with variable interpolation in command context
SourceSKILL.md
| 58 | ```bash |
medium line 68
Template literal with variable interpolation in command context
SourceSKILL.md
| 68 | ```bash |
medium line 227
Template literal with variable interpolation in command context
SourceSKILL.md
| 227 | ```bash |
medium line 29
Access to hidden dotfiles in home directory
SourceSKILL.md
| 29 | - `all` — iterate every repo in `~/.sgnk/GLOBAL-REGISTRY.md` (multi-repo). |
medium line 35
Access to hidden dotfiles in home directory
SourceSKILL.md
| 35 | back to grepping `~/.sgnk/GLOBAL-REGISTRY.md` for any registered path whose |
medium line 235
Access to hidden dotfiles in home directory
SourceSKILL.md
| 235 | - `all` mode: read `~/.sgnk/GLOBAL-REGISTRY.md`, then repeat steps 1–4 per repo, |
medium line 247
Access to .env file
SourceSKILL.md
| 247 | safe** (never reads `.env*`/keys; `required_env` is NAMES only). |
Scanned on Jun 11, 2026
View Security Dashboard