Label Studio Setup

Fail

Audited by Snyk on Feb 23, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill includes many examples that embed API keys, passwords, and tokens directly in code and docker-compose (e.g., POSTGRE_PASSWORD=labelstudio, LABEL_STUDIO_PASSWORD=admin, api_key='your-api-key'), which would require the LLM to output secret values verbatim and enables exfiltration.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The Data Import section explicitly shows importing tasks with external URLs and JSON/CSV entries (e.g., 'http://example.com/image1.jpg' in "Import from JSON" and CSV imports) and the ML backend examples fetch image_url for predictions, so the skill clearly ingests and processes untrusted public third‑party content as part of its workflow.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill instructs creating/editing system files (systemd unit, Nginx config, SSL cert paths) and running sudo systemctl commands, which modify the host system and require elevated privileges.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 23, 2026, 04:56 PM