cloud-aws

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes examples that pass secrets directly on the command line (e.g., --secret-string '{"key":"value"}', --value "secret") and shows commands to retrieve secret values, which encourages or requires embedding and outputting secret values verbatim.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly includes AWS cost-management commands and an API call to create/update budgets ("aws budgets create-budget ..."), plus Cost Explorer commands to get costs/forecasts. Although it is an AWS infrastructure skill (not a payments/crypto/banking client), the presence of the explicit budgets API to set/update account budgets matches the documented "manage budgets" criterion for Direct Financial Execution.