network-tools

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt shows and recommends embedding credentials verbatim in commands (e.g., curl -u user:pass and curl -H "Authorization: Bearer token"), which would require the agent to output secret values directly and poses an exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs modifying system network configuration and processes (e.g., ip addr add/del, ip link set up/down, ip route add/del, kill -9, fuser -k) which require root privileges and change the machine's state, so it can compromise the host.