rustfs

Fail

Audited by Snyk on Mar 4, 2026

Risk Level: HIGH

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt includes explicit plaintext default credentials ("rustfsadmin" / "rustfsadmin"), which encourages the model to reproduce secrets verbatim in commands or configs and thus creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly instructs the agent to "Fetch live documentation for up-to-date details" and points to the public GitHub repo (https://github.com/rustfs/rustfs), meaning the agent is expected to ingest and act on untrusted, user-generated web content that could influence tool use and decisions.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly tells the user/agent to run chown on host directories (chown -R 10001:10011 /your/data/path), an operation that alters filesystem ownership and typically requires sudo, so it instructs changing the machine's state.

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 4, 2026, 10:29 PM