patroni

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes plaintext passwords ('admin_password', 'repl_password') inside the patroni.yml and uses them in multiple places, so an agent producing configuration or commands would need to include those secret values verbatim, creating an exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). Yes — the skill instructs creating and editing system-level configuration and data paths (e.g., /etc/patroni/patroni.yml, /var/lib/postgresql/data, HAProxy configs) and running cluster management commands, which modify host state and typically require elevated privileges.