cloud-security

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). This skill includes many examples that embed credentials directly in commands (e.g., export AWS_ACCESS_KEY_ID="AKIA...", aws cli with secret args, az login -p SECRET, pacu import_keys --access-key/--secret-key), which instructs or encourages the agent to handle and output secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill contains explicit, actionable offensive techniques — including metadata/SSRF token theft and bypasses, commands to create/attach privileged IAM policies and access keys, instructions to update Lambda/Functions for exfiltration, use of Pacu and other exploitation frameworks, and other privilege-escalation/exfiltration recipes — which directly enable credential theft, privilege escalation and data exfiltration and therefore present a high likelihood of malicious abuse.