remote

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly stores and reuses plaintext server credentials, asks the user for passwords, and uses sshpass (which typically embeds passwords in command lines or saved JSON), so the LLM would need to handle and likely emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill executes arbitrary commands on user-specified remote machines via scripts/remote.sh (and remote.ps1) and reads/prints those remote command outputs for diagnostics and decision-making (see SKILL.md, references/remote-guidelines.md, and scripts/remote.sh), so it clearly ingests untrusted third‑party content from arbitrary remote servers that can influence subsequent actions.