ln-641-pattern-analyzer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill requires reading repository files (and fetching them via WebFetch) and explicitly says to "document evidence: file path + line" and include code references in the report, which can force the model to reproduce literal file lines (potentially API keys/secrets) verbatim in its output.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs that if local shared/ references are missing it should fetch them via WebFetch from the public raw.githubusercontent.com URL (see top note "If shared/ is missing, fetch files via WebFetch from https://raw.githubusercontent.com/...") and those externally fetched "MANDATORY READ" files (scoring_rules.md, pattern_library.md, audit_worker_core_contract.md, etc.) are parsed and used to drive detection, scoring, and next actions, so untrusted third‑party content can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly falls back to fetching reference files at runtime from https://raw.githubusercontent.com/levnikolaevich/claude-code-skills/master/skills/{path}, and those fetched documents (scoring_rules.md, pattern_library.md, audit_worker_core_contract.md, etc.) are labeled "MANDATORY READ" and directly control the agent's scoring/instruction logic, making this a required remote dependency that can change/execute the agent's behavior.