data-engineering-storage-remote-access-libraries-pyarrow-fs

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt's examples explicitly show passing access_key/secret_key/session_token and client_secret values directly as string arguments (with realistic-looking placeholders), which encourages embedding secrets verbatim in generated code or commands.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly shows reading remote, potentially public storage (e.g., fs.FileSystem.from_uri("s3://..."), s3_fs.open_input_stream("bucket/file.parquet"), and wrapping adlfs Azure blobs) so the agent ingests untrusted third‑party data from S3/GCS/Azure as part of its processing workflow, which could allow indirect instruction injection via those files.