releasing-macos-apps

Fail

Audited by Snyk on Feb 15, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows and instructs embedding secrets verbatim into commands (e.g., echoing the Sparkle private key into sign_update and passing an app-specific password via --password to xcrun notarytool), which requires the agent to handle/output secret values directly.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). This skill relies on and instructs checking/using a publicly hosted appcast/feed (e.g., SUFeedURL pointing to raw.githubusercontent.com and examples like curl -I https://raw.githubusercontent.com/.../appcast.xml and downloading GitHub release assets), so it clearly involves fetching and interpreting untrusted public third-party content (appcast.xml/releases) at runtime.
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 08:43 PM