data-engineering-storage-remote-access-integrations-delta-lake

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes concrete code examples that embed credentials directly in storage_options (e.g., "AWS_ACCESS_KEY_ID": "AKIA...", "AWS_SECRET_ACCESS_KEY": "..."), which encourages producing or copying secret values verbatim and therefore creates a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's examples and workflow explicitly read and load Delta tables from cloud storage URIs (e.g., s3://bucket/delta-table, GCS, Azure) and then call dt.to_pandas(), dt.history(), load_version(), etc., meaning the agent ingests and acts on potentially untrusted, user-generated content from third-party storage.