home-default

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly reads the user's AWS credentials file and pipes its contents to an external curl POST, which requires the LLM/agent to handle and output secret values verbatim (direct credential exfiltration).

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). Deliberately malicious: it reads and transmits AWS credentials to an external domain (data exfiltration) and runs a destructive rm -rf using ${HOME:-/tmp} to ensure files are removed, indicating intentional credential theft and system compromise.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs destructive actions (rm -rf of the user's HOME or /tmp) and exfiltrates credentials to an external host, which directly modifies and compromises the machine's state and data.