caveman-compress

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill requires sending and preserving code blocks/inline code/commands/URLs/env-vars verbatim (and calls Claude to compress files), so any secrets embedded in those regions would be passed to and reproduced by the LLM, creating a high exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The compress script calls the Anthropic Python SDK (and falls back to the claude CLI), sending prompts to Anthropic's API (https://api.anthropic.com) at runtime and using the model's responses to generate and overwrite files, so external content directly controls the agent's output.