infrastructure-monitoring-setup

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs copying a Home Assistant long‑lived access token into .env and demonstrates curl commands that embed an Authorization: Bearer token (and even includes an example JWT-like token), which requires handling and potentially outputting secret values verbatim.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs using sudo to copy systemd service files into /etc/systemd/system, run systemctl daemon-reload/enable/start, and view privileged logs—actions that modify system state and require elevated privileges.