server-deploy

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). Yes — the prompt instructs embedding secrets verbatim (e.g., sshpass -p '' and echo '<PUBLIC_KEY>' to authorized_keys, plus asking users to supply private keys/certs to be written), which requires the agent to include secret values directly in commands or outputs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes runtime commands that fetch and execute remote installer scripts (e.g., curl -fsSL https://deb.nodesource.com/setup_20.x | bash, curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh, and curl -fsSL https://get.docker.com | sh), which run remote code during deployment and are relied upon to install required runtimes.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs creating and modifying system-level files (systemd units, /etc/nginx, /etc/ssh/sshd_config, /etc/ssl), installing packages, enabling services and changing firewall/permissions — all privileged actions that alter the machine's state.