devops-engineer

[Skill Scanner] Credential file access detected All findings: [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] This skill is functionally aligned with its stated purpose (DevOps automation, CI/CD, IaC). I do not see direct malicious code or obfuscation in the provided content. However, operational patterns pose a moderate supply-chain risk: the agent is instructed to always read and update steering files and to create duplicate English/Korean documents, and it has tools for reading/writing files and running shell commands. Those behaviors are legitimate for a DevOps assistant but can lead to accidental leakage of secrets, unintended overwrites of project memory, or propagation of malicious steering content if the repository already contains compromised files. Recommend: restrict the agent's ability to auto-write critical steering files without explicit human review, ensure it never copies or writes secrets into generated files, log and review all writes/commits, and require approvals before pushing changes that modify steering/tech.md, steering/product.md, or any CI workflows that reference secrets.