observability-control

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt embeds plaintext credentials (admin:admin) directly in example commands and the access table, which forces the agent to include secret values verbatim in generated commands/outputs.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (low risk: 0.30). The prompt directs the agent to run Docker commands that start/stop containers, remove/create volumes and change permissions (modifying host/container state and potentially deleting data), but it does not ask for sudo elevation, edit system files, or create user accounts.