render-deployment-manager

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt's examples and workflow instruct the agent to include environment variables and API tokens directly in commands (e.g., update_environment_variables with "FLASK_SECRET_KEY", "PROCESS_API_TOKEN"), which requires the LLM to handle and output secret values verbatim, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's create_web_service example references and will fetch code at runtime from the repository URL https://github.com/user/render_signal_server, which would be cloned/built and executed (pip install / python startCommand), so remote content directly controls executed code.