First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
2
Score
50/100
Findings (2)
Text combines credential access with network transmission
Scope Limitations: This skill can ONLY read and send emails from a pre-configured inbox. You CANNOT create or delete inboxes, manage domains, manage webhooks, or manage API keys. Do not attempt these ...Remove the combination of credential access and network transmission from the tool. If the tool needs credentials, access them via a secrets manager and never transmit them externally.
Likely FP if the tool legitimately uses credentials for API authentication (e.g., reading an API key to make authenticated requests to the same service).
Text combines credential access with network transmission
No other methods are available in this skill. Do not attempt to create/delete inboxes, manage domains, configure webhooks, or manage API keys.Remove the combination of credential access and network transmission from the tool. If the tool needs credentials, access them via a secrets manager and never transmit them externally.
Likely FP if the tool legitimately uses credentials for API authentication (e.g., reading an API key to make authenticated requests to the same service).