odoo-service

Fail

Audited by Snyk on Mar 10, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt contains multiple examples that require embedding passwords or secrets verbatim (e.g., config admin_passwd/db_password, .env POSTGRES_PASSWORD, SQL UPDATE and CLI flags like --password), which forces the agent to handle secrets in plain text and potentially output them.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill includes numerous commands that modify system state and privileged files (apt-get/dpkg installs, creating /etc/systemd/service units and enabling them with systemctl, writing to /etc/nginx, installing packages, creating PostgreSQL roles/databases, managing Docker volumes, etc.), which require sudo/root and can change the host system configuration and data — so it poses a high risk of compromising the machine state.

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 10, 2026, 11:19 PM