fw-setup

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly asks the agent to request the user's API key and to write/update configuration files (e.g., ~/.cursor/mcp.json with an "Authorization": "Bearer ") which requires embedding the secret verbatim, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill launches shell Tasks that at runtime fetch and execute remote installers/packages—e.g., curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bash and npm install -g https://cdn.freshdev.io/fdk/latest-v24.tgz—so these URLs supply remote code the skill executes and relies upon, posing a high-risk runtime external dependency.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs the agent to spawn shell tasks that install/uninstall global packages, remove and modify files (rm -rf ~/.fdk, edit ~/.zshrc, remove /usr/local/bin/fdk, npm global installs/uninstalls, brew/choco installs, write config files), i.e. it performs persistent, system-level state changes that can modify or remove system artifacts and binaries.