devops

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs embedding user-provided passwords/keys into shell commands (e.g., sshpass -p '密码' ssh ... and password-in-CLI examples) and reads credentials from configs/users, which forces the model to handle and potentially output secret values verbatim.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs and enables system-level changes (editing nginx/docker configs, running systemctl, disk formatting, high-risk deletes) and even suggests insecure SSH options (sshpass with StrictHostKeyChecking=no), so it encourages actions that can modify or compromise the machine state.