deno-deploy

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt demonstrates and encourages passing secret values verbatim in CLI commands (e.g., deno deploy env add API_KEY "sk-...") and tells agents to run non-interactive flows with explicit flags, which can require embedding secrets directly in outputs — an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly supports deploying from arbitrary GitHub repositories (the --source github flow with --owner/--repo) and includes framework auto-detection that inspects repository files (e.g., the "Detect Framework Script"), meaning the agent will fetch and interpret untrusted, user-generated content from public third‑party sources.