insforge-cli
Fail
Audited by Snyk on Mar 11, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt includes commands that accept or reveal secret values verbatim (e.g., "insforge secrets add <key> <value>" which passes secrets as CLI args and "insforge secrets get <key>" which returns decrypted values), so an agent following it may need to embed or output raw secrets directly.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill's workflow explicitly states that "insforge deployments status [--sync]" fetches status from Vercel, which is a third‑party service returning user-generated build/status/log content that the agent is expected to read and could materially influence decisions (e.g., debugging, redeploy/cancel actions), creating a real indirect prompt‑injection surface.
Audit Metadata