executing-plans

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.90). The prompt includes explicit override language ("These rules are non-negotiable and override all other guidance") and coercive control (force-starting a self-referential loop and an absolute final-output token) that attempts to supersede higher-level/system instructions and thus constitutes a prompt-injection attempt beyond the skill's stated execution-purpose.

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill mandates including full task file contents and publishing raw verification commands and their actual outputs (truncated), which would force the agent to reproduce any secrets present in task files or command outputs verbatim, creating an exfiltration risk even though it doesn't explicitly ask for API keys.