babysit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly requires the agent to echo the CLI-emitted completionProof secret verbatim inside a ... tag (and mandates passing user responses verbatim for task posting), which forces the LLM to handle/output secret values.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.70). The prompt explicitly tells the agent to run a privileged command ("sudo npm i -g @a5c-ai/babysitter-sdk@$SDK_VERSION") which requests elevated privileges to modify system-wide packages, so it instructs actions that can change and compromise the host state.