drush

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This prompt includes explicit examples that embed plaintext passwords in generated Drush commands (e.g., --password="pass", user:password "newpassword"), which encourages the LLM to output secrets verbatim and thus poses an exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt includes instructions to run arbitrary PHP in Drupal's bootstrap (drush php:eval/php:cli), execute SQL (including destructive commands and dumps/imports), generate and write code, and create/reset users — all of which can modify application data and potentially the host if Drupal's runtime has file/system access, so it presents a high risk of changing machine state.