article-image

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows passing API keys as command-line arguments (e.g., --api-key "ms-xxx"), which would require the agent/LLM to include secret values verbatim in generated commands — a high exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The README instructs users to clone and run the moli-tutu repository (https://github.com/gusibi/moli-tutu.git) as the required local R2 upload proxy, which involves fetching and executing third‑party code that the skill depends on for uploads, so this is an external runtime dependency that executes remote code.