testcontainers-integration-tests

Fail

Audited by Snyk on Feb 21, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt embeds hard-coded passwords and connection strings (e.g., "Your_password123", "postgres", "guest") and instructs creating code that places them directly into environment variables and connection strings, so an LLM following it would output secret values verbatim, creating exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.70). The skill pulls and runs remote container images during tests (e.g., mcr.microsoft.com/mssql/server:2022-latest, postgres:latest, redis:alpine, rabbitmq:management-alpine), which are fetched at runtime from external registries and execute remote code required for the tests.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 21, 2026, 07:43 PM