openhands-sdk is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
59
Medium Risk
The SDK handles git, plugin, and extension source URLs that can embed credentials such as https://user:token@host. Before the fix these credentials are written verbatim into error logs, stored on the command and stderr fields of GitCommandError, and serialized into persisted state including Skill.mcp_tools. An actor able to read logs, exception output, or persisted conversation/installation state can recover the embedded tokens. The fix routes these values through a central URL-credential redactor and masks secrets at the logging and serialization boundaries.
You are affected if you are using a version that falls within the vulnerable range and you supply git, plugin, or extension source URLs that embed credentials such as https://user:token@host.
openhands-sdk is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in versions 1.0.0 - 1.28.1.
Upgrade the openhands-sdk library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant