flux-troubleshooting

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit commands that decode and display secret credentials (e.g., decoding .dockerconfigjson) and instructs checking/updating deploy keys/secrets, which would require the agent to read and potentially return secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Diagnostic Commands and workflow explicitly require inspecting external Git and OCI sources (e.g., "flux get sources git -A", "flux get sources oci -A", "Verify tag exists in registry", and "Check repository URL") which means the agent will fetch and interpret untrusted/public repository and registry content as part of its troubleshooting decisions.