manual-testing
Fail
Audited by Snyk on Apr 19, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the main agent to gather and "pack" auth tokens, API keys, DB creds, and vault paths into subagent prompts and to include exact commands (curl/SQL/etc.), which requires embedding secret values verbatim in the LLM-generated prompts/outputs.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly instructs the agent to rebuild software, bring up/tear down services, run host-level commands like chown/docker cp and remove containers/volumes, and to modify or preserve system state during tests — all actions that modify the machine's state and may require elevated privileges even though it doesn't explicitly request sudo or user creation.
Issues (2)
HIGH W007: Insecure credential handling detected in skill instructions.
MEDIUM W013: Attempt to modify system services in skill instructions.