qwen-image

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt shows and encourages passing the API key directly on the command line (e.g., "--api-key sk-xxx"), which can cause the agent to insert real secret values verbatim into commands or outputs, creating an exfiltration risk.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

• Attempt to compromise machine state in skill instructions detected (high risk: 0.80). The skill explicitly instructs the agent to read API keys from local config files (e.g., ~/.openclaw/openclaw.json) and environment variables, which directs the agent to access sensitive secrets on the host even though it does not request sudo or system modifications.