container-security
Fail
Audited by Snyk on Feb 15, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.90). The prompt includes explicit commands that embed secret values verbatim (e.g., --from-literal=password=supersecret and CLI secret arguments), which would require the LLM to output secret values directly and thus poses a high exfiltration risk.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The Azure DevOps pipeline contains a runtime command that downloads and pipes a remote script to a shell ("curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin"), which fetches and executes remote code at runtime and is used to install the required Trivy scanner the pipeline relies on.
Audit Metadata