clickup-incident-runbook
Fail
Audited by Snyk on Mar 30, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.90). The runbook mostly uses an environment variable ($CLICKUP_API_TOKEN), which is safe, but it also includes commands that embed a token literal (e.g., gh secret set CLICKUP_API_TOKEN --body "pk_NEW_TOKEN" and vault kv put ... value="pk_NEW_TOKEN"), which instructs copying/including secret values verbatim in CLI commands and thus requires handling secrets directly.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The runbook's Step 1 triage scripts and decision tree explicitly fetch and parse third-party endpoints (e.g., https://status.clickup.com/api/v2/summary.json and https://api.clickup.com/api/v2/user) and use those responses to decide actions (like enabling fallback mode), so external public content can materially influence agent behavior.
Issues (2)
HIGH W007: Insecure credential handling detected in skill instructions.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata