disaster-recovery-testing

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt embeds plaintext credentials in command lines/connection strings (e.g., "psql postgres://user:pass@...") which requires the agent to reproduce or handle secret values verbatim, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill at runtime downloads and executes database backups from S3 (e.g., s3://my-backups/databases/..., via commands like `aws s3 cp "s3://my-backups/databases/$LATEST_BACKUP"
• | gunzip | psql`), which fetches external content that is then executed as part of the required DR workflow.