ing-skill-generator
Fail
Audited by Snyk on Mar 11, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to read repository files and "copy code verbatim" and "copy configuration blocks verbatim with all properties," which would force the LLM to include any embedded secrets (API keys, passwords, tokens) found in those files in its outputs.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 0.90). The package contains explicit code that sends full SKILL.md / repo content and eval data to an external "claude" subprocess (and writes transient .claude command files and spawns browsers/HTTP viewers that load remote assets), creating a clear risk of unauthorized data exfiltration of internal documentation; I found no obfuscated backdoor, reverse shell, or credential-harvesting code, but the automated transmission to a third-party model is high-risk for sensitive internal data.
Issues (2)
- W007 (HIGH): Insecure credential handling detected in skill instructions.
- E006 (CRITICAL): Malicious code pattern detected in skill scripts.