deep-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs auditors to extract and include code snippets and "evidence" from audited files (file paths and code snippets) with no redaction rules, so any secrets present in the artifacts would be output verbatim, creating exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill's dependency check instructs at runtime to git clone and copy from the external repository https://github.com/mikeng-io/agent-skills to install required sub-skills that define agent prompts/behaviors, meaning remote code would be fetched and would directly control agent instructions.