wiki-link
Fail
Audited by Snyk on Mar 29, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill asks the user for a git remote URL and then runs/outputs git clone commands using that URL, which can embed credentials or tokens (e.g., https://user:token@host/... or tokenized URLs), so the LLM may need to include secret values verbatim in commands or output.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's "2-B. git remote URL" workflow performs git clone on a user-supplied remote URL and then reads the cloned repository's wiki-manifest.yaml as part of its workflow, so arbitrary untrusted third-party repository content could influence decisions and actions.
Issues (2)
- HIGH W007: Insecure credential handling detected in skill instructions.
- MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).