ssh-server-admin

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs collecting SSH passwords into working memory and demonstrates embedding them verbatim in commands (e.g., sshpass -p '[password]' and --password [password]), which requires the LLM to handle and output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly runs SSH commands that fetch and display remote-host content (e.g., "ssh user@host 'sudo tail -100 /var/log/syslog'" and other remote command outputs in SKILL.md), so the agent ingests arbitrary, untrusted third-party server content that could contain instruction-like text and influence subsequent actions.