claudit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires reading and pasting configuration file contents (e.g., project/global settings, .mcp.json, plugin hooks, CLAUDE.md) and quoting specific lines in outputs/PRs without any redaction rules, which will force the LLM to handle and potentially output secret values verbatim if they exist in those files.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). At runtime the skill's research subagents are explicitly instructed to fetch and ingest official Anthropic docs (e.g., https://docs.anthropic.com/en/docs/claude-code/settings.md as listed in references/known-settings.md), and that fetched content is incorporated into the Expert Context which directly controls downstream agent prompts—constituting a runtime external dependency that can change agent behavior.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.70). Flagged: the skill instructs the agent to discover and directly edit configuration files across project, user (~/.claude) and system-managed locations (e.g., /etc/... and /Library/...), enabling modifications of machine state (and potentially requiring elevated privileges) even though it doesn't explicitly ask for sudo.