devsecops-expert

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples and test steps that create files and commands containing hardcoded secret-like strings (e.g., AKIA..., SuperSecret123!) and instructs generating those artifacts, which requires the LLM to emit secret values verbatim (an exfiltration risk).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The workflow uses a reusable GitHub workflow reference that will be fetched and executed at runtime — slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v1.9.0 — which means external code is pulled in and run as a required dependency.