instantly-incident-runbook

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The runbook includes commands that read secrets (kubectl get secret ... | base64 -d) and an explicit CLI that injects a literal API key (--from-literal=api-key=NEW_KEY), which require handling and potentially outputting secret values verbatim, creating exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent/operator to fetch and interpret third‑party status/API pages (e.g., "curl -s https://status.instantly.com" in Quick Triage and the Decision Tree) and uses that external status to choose remediation actions, so untrusted external content can materially influence behavior.