jenkins-cli

Fail

Audited by Snyk on Apr 4, 2026

Risk Level: CRITICAL
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt instructs asking for or reading the Jenkins API token and then embedding it verbatim in a shell alias/command (showing an actual token in the example), which requires the LLM to handle and output secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 0.90). High-risk: the skill includes an explicit hard-coded Jenkins username and API token in the example alias and directs users to download a jenkins-cli.jar from a potentially untrusted host, which together create a credential-leak/backdoor and supply-chain risk enabling unauthorized remote access.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 1.00). The skill instructs downloading and executing the Jenkins CLI JAR from https://jenkins.ailoveworld.cn/jnlpJars/jenkins-cli.jar (and running it via java -jar), so this external URL provides runtime-executed code that the skill depends on.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

  • Secret detected (high risk: 1.00). The alias line contains a hardcoded Jenkins authentication credential: "-auth cruldra:1134e00c853945dc9749af3dd439142606". The value after the colon is a long, random-looking hex string (high entropy) and is presented as an actual API/token used for authentication, not a placeholder, truncated value, or an obvious example/setup password. Therefore it meets the definition of a secret and should be flagged.

Issues (4)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • E006 (CRITICAL): Malicious code pattern detected in skill scripts.
  • W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).
  • W008 (HIGH): Secret detected in skill content (API keys, tokens, passwords).

Audit Metadata
Risk Level: CRITICAL
Analyzed: Apr 4, 2026, 07:06 AM
Issues: 4