argocd-gitops

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes example secret values and patterns (e.g., "password: ghp_xxxx", an SSH private key block, and a kubectl command that decodes the ArgoCD admin secret) which encourage embedding or exposing secrets verbatim in manifests or commands, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly configures ArgoCD to pull manifests from external Git repositories (see repoURL fields and the ApplicationSet git generator referencing https://github.com/org/... and arbitrary repo URLs), meaning the agent will fetch and interpret untrusted, user-provided content.