accessing-cloud-storage

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains examples that pass credentials inline (e.g., s3fs.S3FileSystem(key='AKIA...', secret='...', token='...')) and suggests configuring credentials directly in code, which would require the LLM to handle or emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md shows runtime code that reads arbitrary remote data (e.g., fsspec open on "https://example.com/...", fsspec/pyarrow/obstore access to s3://, gs://, az:// paths and the incremental loading pattern that calls process_file on listed files), which means untrusted public URLs or user-generated cloud objects would be ingested and could materially influence processing/decisions.