alibabacloud-waf-quick-showcase

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires the agent to ask for the user's ECS login password and embed that password into executed CLI commands (even if displayed output must be redacted), which forces the LLM to handle secrets verbatim and creates exfiltration risk.