devic-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This prompt includes an explicit example that passes an API key directly on the command line (devic auth login --api-key devic-xxx), which instructs embedding secrets verbatim in generated commands and creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The CLI explicitly lets users register and call arbitrary external tool servers and endpoints (e.g., devic tool-servers create with a "url" and devic tool-servers tools test which invokes those endpoints) and agent threads/outputs include TOOL messages, so untrusted HTTP responses from third-party URLs can be ingested and materially influence agent behavior.