migrate-from-modal

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples that embed API keys and tokens verbatim (e.g., envs with "API_KEY": "sk-...", per-exec envs, and inserting token.value into preview URLs), which instructs including secret values directly in generated code/commands and therefore poses a secret-exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's migration guide instructs building images and running commands that fetch and execute public web content (for example the Dockerfile in "Custom images / templates" with "RUN curl -fsSL https://bun.sh/install | bash" and guidance to use process.exec/AWS CLI/gsutil to sync cloud data), which clearly ingests untrusted third‑party content that can materially alter runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Dockerfile examples include a direct shell pipeline that fetches and executes remote code (curl -fsSL https://bun.sh/install | bash), which will run during image build/runtime and therefore is a high-confidence risky external dependency.